Page 1 CLI Manual CLI Manual DGS-3200 Series Product Model: Layer 2 Gigabit Ethernet Managed Switch Product Model : Release 1.1 GS-3200-10 Layer 2 Gigabit Ethernet Managed Switch Release 1 September 2007 651GS320015G RECYCLABLE...
Page 2: Table Of Contents
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Table of Contents Introduction ........................15 ......................16 SING OMMAND NTERFACE 1-1 Accessing the Switch via the Serial Port ......................16 1-2 Setting the Switch’s IP Address ...........................17 1-3 Command Syntax Symbols..........................21 1-4 Line-Editing Keys..............................22...
Page 3 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 4-1 download ................................49 4-2 upload ..................................50 4-3 config firmware..............................52 4-4 config configuration..............................53 4-5 show firmware information ..........................53 4-6 show config information............................54 4-7 ping ..................................55 4-8 traceroute ................................57 4-9 telnet ..................................58 IV. Network Management ....................59 5 SNMP ........................
Page 4 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 7-4 show trusted_host..............................84 7-5 config snmp system_name ...........................85 7-6 config snmp system_location ..........................86 7-7 config snmp system_contact ..........................87 7-8 enable rmon................................87 7-9 disable rmon ................................88 7-10 enable snmp traps..............................89 7-11 disable snmp traps...............................89 7-12 enable snmp authenticate_traps..........................90...
Page 5 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 12-1 config sntp .................................116 12-2 show sntp................................117 12-3 enable sntp.................................118 12-4 disable sntp................................118 12-5 config time.................................119 12-6 config time_zone...............................120 12-7 config dst ................................121 12-8 show time ................................122 13 J ........................123 UMBO...
Page 6 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 16-13 config stp .................................152 16-14 config stp ports..............................153 16-15 config stp mst_ports............................154 17 FDB C ..........................156 OMMAND 17-1 create fdb ................................156 17-2 create multicast_fdb............................157 17-3 config multicast_fdb ............................157 17-4 config fdb aging_time............................158 17-5 config multicast vlan_filtering_mode ......................159...
Page 7 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 20-12 disable pvid auto_assign..........................184 20-13 show pvid auto_assign............................184 21 P VLAN C ......................186 ROTOCOL OMMAND 21-1 create dot1v_protocol_group..........................186 21-2 config dot1v_protocol_group add protocol .....................187 21-3 config dot1v_protocol_group delete protocol ....................188 21-4 delete dot1v_protocol_group..........................188 21-5 show dot1v_protocol_group..........................189...
Page 8 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 27-4 enable ipif ................................212 27-5 disable ipif .................................212 27-6 show ipif................................213 27-7 enable ipif_ipv6_link_local_auto........................214 27-8 disable ipif_ipv6_link_local_auto........................215 27-9 show ipif_ipv6_link_local_auto........................216 28 A ........................217 ONFIG OMMAND 28-1 show autoconfig..............................217 28-2 enable autoconfig..............................217 28-3 disable autoconfig .............................218...
Page 9 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 32-6 disable igmp_snooping.............................241 32-7 show igmp_snooping............................242 32-8 show igmp_snooping group ..........................243 32-9 show router_ports..............................244 33 MLD S ......................246 NOOPING OMMAND 33-1 config mld_snooping ............................246 33-2 config mld_snooping querier..........................247 33-3 config mld_snooping mrouter_ports........................249 33-4 config mld_snooping mrouter_ports_forbidden....................249...
Page 10 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 35-14 delete 802.1x guest_vlan ..........................277 35-15 config 802.1x guest vlan..........................278 35-16 show 802.1x guest vlan ..........................278 35-17 config radius add.............................279 35-18 config radius delete............................280 35-19 config radius..............................281 35-20 show radius..............................282 35-21 show auth_statistics ............................283 35-22 show auth_diagnostics............................284...
Page 11 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 36-26 config admin local_enable..........................315 37 SSL C ..........................316 OMMAND 37-1 show ssl certificate............................316 37-2 download ssl certificate ............................317 37-3 enable ssl ................................318 37-4 disable ssl................................319 37-5 show ssl ................................320 37-6 show ssl cachetimeout ............................321 37-7 config ssl cachetimeout.............................322...
Page 12 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 40-8 show wac user ..............................347 40-9 clear wac auth_state ............................348 41 MAC- ..................349 BASED CCESS ONTROL OMMAND ISTS 41-1 enable mac_based_access_control........................349 41-2 disable mac_based_access_control........................350 41-3 config mac_based_access_control........................350 41-4 config mac_based_access_control guest_vlan ....................352 41-5 delete mac_based_access_control guest_vlan....................353...
Page 13 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 43-1 config bandwidth_control..........................379 43-2 show bandwidth_control ..........................381 43-3 config scheduling ..............................382 43-4 config scheduling_mechanism.........................383 43-5 show scheduling..............................384 43-6 show scheduling_mechanism...........................385 43-7 config 802.1p user_priority ..........................386 43-8 show 802.1p user_priority..........................387 43-9 config 802.1p default_priority..........................387 43-10 show 802.1p default_priority .........................388...
Page 14 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 46-6 show time_range...............................421 46-7 create cpu access_profile ..........................422 46-8 delete cpu access_profile ..........................424 46-9 config cpu access_profile ..........................425 46-10 show cpu access_profile..........................427 46-11 enable cpu_interface_filtering........................429 46-12 disable cpu_interface_filtering........................430 XIII. Packet Control......................431 47 P .......................432...
Page 15: Introduction
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual I. Introduction The Introduction section includes the following chapter: Using Command Line Interface.
Page 16: Using Command Line Interface
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 1 Using Command Line Interface The Switch can be managed through the Switch’s serial port, Telnet, or the Web-based management agent. The Command Line Interface (CLI) can be used to configure and manage the Switch via the serial port or Telnet interfaces.
Page 17: Setting The Switch's Ip Address
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 1-2 Setting the Switch’s IP Address Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. You can change the default Switch IP address to meet the specification of your networking address scheme.
Page 18 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual In the above example, the Switch was assigned an IP address of 10.24.22.100 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The Switch can now be...
Page 19 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual When entering a command without its required parameters, the CLI will prompt you with a Next possible completions: message. In this case, the command config account was entered with the parameter <username>. The CLI will then prompt to enter the <username>...
Page 20 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username> prompt. The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt.
Page 21: Command Syntax Symbols
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual In the above example, all of the possible next parameters for the show command are displayed. At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter. The CLI then displays the user accounts configured on the Switch.
Page 22: Line-Editing Keys
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual braces { } Enclose an optional value or a list of optional arguments. One or more values or arguments can be specified. For example, in the syntax reset { [config | system] } you may choose config or system in the command.
Page 23: Interface And Hardware
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual II. Interface and Hardware The Interface and Hardware section includes the following chapter: Switch Port.
Page 24: Switch Port Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 2 Switch Port Command List config ports [ <portlist>| all ] {medium_type[fiber|copper]} { speed [auto | 10_half | 10_full | 100_half | 100_full | 1000_full{master|slave}] | flow_control [enable | disable] | learning [enable | disable ] | state( [enable | disable ] [description <desc 1-32>...
Page 25: Show Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 1000_full sets port speed to 1000_full. When setting 1000_full port speed to 1000_full, user should specify master or slave mode for 1000 base TX interface, and leave the 1000_full without any master or slave setting for other interface.
Page 26 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show ports {<portlist>} { [ description | err_disabled] } Description The show ports command displays the current configurations of a range of ports. No parameter will show all ports. Parameters...
Page 27 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual E n a b l e d 1 0 M / F u l l / E n a b l e d E r r - D i s a b l e d E n a b l e d D e s c : p o r t 1 .
Page 28: Fundamentals
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual III. Fundamentals The Fundamentals section includes the following chapters: Basic Management and Utility.
Page 29: Basic Management Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 3 Basic Management Command List create account [admin | user] <username 15> enable password encryption disable password encryption config account <username> {encrypt [plain_text| sha_1] <password>} show account delete account <username> show session...
Page 30: Enable Password Encryption
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Name of the admin account. admin <username 15> Name of the user account. user <username 15> Restrictions You must have administrator privileges. Examples To create the admin-level user “dlink”:...
Page 31: Disable Password Encryption
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The user account configuration information will be stored in the configuration file, and can be applied to the system later. If the password encryption is enabled, the password will be in encrypted form when it is stored in the configuration file.
Page 32: Config Account
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To disable password encryption D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e p a s s w o r d e n c r y p t i o n C o m m a n d : d i s a b l e p a s s w o r d e n c r y p t i o n S u c c e s s .
Page 33: Show Account
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure the user password of “dlink” account : DGS-3200-10:4#config account dlink Command: config account dlink Enter a old password:**** Enter a case-sensitive new password:**** Enter the new password again for confirmation:**** Success.
Page 34: Delete Account
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To display the accounts that have been created: D G S - 3 2 0 0 - 1 0 : 4 # s h o w a c c o u n t...
Page 35: Show Session
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e a c c o u n t S y s t e m C o m m a n d : d e l e t e a c c o u n t S y s t e m S u c c e s s .
Page 36: Show Switch
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 3-8 show switch Purpose Used to display the switch information. Format show switch Description The show switch command displays the switch information. Parameters None. Restrictions None. Example To display the switch information:...
Page 37: Show Environment
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual W E B : E n a b l e d ( T C P 8 0 ) S N M P : E n a b l e d R M O N...
Page 38: Show Serial_Port
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 6 : 4 # s h o w e n v i r o n m e n t C o m m a n d : s h o w e n v i r o n m e n t...
Page 39: Config Serial_Port
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual P a r i t y B i t s : N o n e S t o p B i t s A u t o - L o g o u t...
Page 40: Enable Clipaging
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual S u c c e s s . D G S - 3 2 0 0 - 1 0 : 4 # 3-12 enable clipaging Purpose Used to pause the scrolling of the console screen when the show command displays more than one page.
Page 41: Enable Telnet
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The disable clipaging command disables pausing of the screen display when show command output reaches the end of the page. The default setting is enabled. Parameters None. Restrictions You must have administrator privileges.
Page 42: Disable Telnet
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To enable Telnet and configure a port number: D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e t e l n e t 2 3 C o m m a n d : e n a b l e t e l n e t 2 3 S u c c e s s .
Page 43: Disable Web
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Use the command to enable HTTP and configure port number. Format enable web {<tcp_port_number 1-65535>} Description The enable web command enables HTTP and configures port number. Parameters Parameters Description The TCP port number. TCP ports are numbered between 1 and tcp_port_number 65535.
Page 44: Save
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example To disable HTTP : D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e w e b C o m m a n d : d i s a b l e w e b S u c c e s s .
Page 45: Reboot
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # D G S - 3 2 0 0 - 1 0 : 4 # s a v e c o n f i g 1 C o m m a n d : s a v e c o n f i g 1 S a v i n g c o n f i g u r a t i o n 1 t o N V - R A M .
Page 46: Reset
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # r e b o o t C o m m a n d : r e b o o t A r e y o u s u r e t o p r o c e e d w i t h t h e s y s t e m r e b o o t ? ( y / n ) P l e a s e w a i t , t h e s w i t c h i s r e b o o t i n g …...
Page 47: Login
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # r e s e t c o n f i g C o m m a n d : r e s e t c o n f i g A r e y o u s u r e t o p r o c e e d w i t h s y s t e m r e s e t ? ( y / n ) S u c c e s s .
Page 48: Logout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 3-22 logout Purpose Used to log out of the switch. Format logout Description When you are finished using the facility, use the logout command to logout. Parameter None. Restrictions None. Example...
Page 49: Utility Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 4 Utility Command List download [ firmware_fromTFTP [ <ipaddr> | <ipv6addr> ] <path_filename 64> image_id <1-2> ] | [ cfg_fromTFTP <ipaddr> <path_filename 64> {[<config_id 1-2> | increment]} ] upload log_toTFTP [ <ipaddr> | <ipv6addr> ] <path_filename 64> ] upload cfg_toTFTP [ <ipaddr>...
Page 50: Upload
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Download and install new firmware on the switch from a TFTP server. firmware_fromTFTP Download a switch configuration file from a TFTP server. cfg_fromTFTP The IP address of the TFTP server.
Page 51 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format upload log_toTFTP [ <ipaddr> | <ipv6addr> ] <path_filename 64> upload cfg_toTFTP [ <ipaddr> | <ipv6addr> ] <path_filename 64> { <config_id 1-2>} Description This command is used to upload either the switch’s configuration or the switch’s history log to a TFTP server.
Page 52: Config Firmware
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # u p l o a d l o g _ t o T F T P 1 0 . 4 8 . 7 4 . 1 2 1 c : \ c f g \ D G S - 3 2 0 0 - 1 0 \ l o g C o m m a n d : u p l o a d l o g _ t o T F T P 1 0 .
Page 53: Config Configuration
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g f i r m w a r e i m a g e _ i d 1 b o o t _ u p...
Page 54: Show Config Information
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show firmware information command displays the firmware information. Parameters None Restrictions You must have administrator privileges. Example To show the firmware information: D G S - 3 2 0 0 - 1 0 : 4 # s h o w f i r m w a r e i n f o r m a t i o n...
Page 55: Ping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description None Parameters None Restrictions You must have administrator privileges. Example To show the configuration information: D G S - 3 2 0 0 - 1 0 : 4 # s h o w c o n f i g i n f o r m a t i o n...
Page 56 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format ping <ipaddr> {times <value 0-255>} {timeout <sec 1-99>} Description The ping command sends Internet Control Message Protocol (ICMP) echo messages to a remote IP address. The remote IP address will then “echo” or return the message. This is used to confirm connectivity between the switch and the remote device.
Page 57: Traceroute
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 4-8 traceroute Purpose Used to trace the routed path between the switch and a destination endstation. Format traceroute <ipaddr> {ttl <value 1-60>} {port <value 30000-64900>} {timeout <sec 1-65535>} {probe <value 1-9>} Description The traceroute command allows you to trace a route between the switch and a give host on the network.
Page 58: Telnet
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 4-9 telnet Purpose Used to login a host that supports Telnet. Format telnet <ipaddr> {tcp_port <value 0-65535>} Description The telnet command logins a host that supports Telnet. Parameters Parameters Description The IP address of the host to login.
Page 59: Network Management
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual IV. Network Management The Fundamentals section includes the following chapters: SNMPv1/v2, SNMPv3, Network Management, Network Monitoring, System Severity, Command List History, Modify Banner and Prompt, Time and SNTP, Jumbo Frame, Single IP Management, and Safeguard Engine.
Page 60: Snmpv1/V2 Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 5 SNMPv1/v2 Command List create snmp community <community_string 32> view <view_name 32> [read_only | read_write] delete snmp community <community_string 32> show snmp community <community_string 32> Note: If SNMPv3 commands are used, the SNMPv1/v2 commands are not necessary.
Page 61: Delete Snmp Community
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p c o m m u n i t y S y s t e m r e a d w r i t e C o m m a n d : c r e a t e s n m p c o m m u n i t y S y s t e m r e a d w r i t e S u c c e s s .
Page 62 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show snmp community <community_string 32> Description The show snmp community command displays the following information: SNMP community strings, View Name, and Access Rights. Parameter Parameters Description An alphanumeric string of up to 32 characters used in the community_string authentication of users wanting access to the switch’s SNMP agent.
Page 63: Snmpv3 Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6 SNMPv3 Command List create snmp user <SNMP_name 32> <groupname 32> {encrypted [by_password auth [md5 <auth_password 8-16 > | sha <auth_password 8-20 >] priv [none | des <priv_password 8-16> ]| by_key auth [md5 <auth_key 32-32>| sha <auth_key 40-40>] priv [none | des) <priv_key 32-32>...
Page 64 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual [by_password auth [md5 <auth_password 8-16 > | sha <auth_password 8-20 >] priv [none | des <priv_password 8-16> ]| by_key auth [md5 <auth_key 32-32>| sha <auth_key 40-40>] priv [none | des <priv_key 32-32> ]]}...
Page 65: Delete Snmp User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p u s e r d l i n k D - L i n k _ g r o u p e n c r y p t e d b y _ p a s s w o r d a u t h md 5...
Page 66: Show Snmp User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6-3 show snmp user Purpose Used to display information on each SNMP username in the group username table. Format show snmp user Description The show snmp user command displays information on each SNMP username in the group username table.
Page 67 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w s n m p g r o u p s...
Page 68 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual G r o u p N a m e : p r i v a t e R e a d V i e w N a m e : C o m m u n i t y V i e w...
Page 69: Create Snmp View
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual W r i t e V i e w N a m e : C o m m u n i t y V i e w N o t i f y V i e w N a m e : C o m m u n i t y V i e w...
Page 70: Delete Snmp View
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Specify the access type of of the MIB tree in this view . view_type Includes for this view. included Excluded for this view. excluded Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p v i e w d l i n k v i e w 1 .
Page 71: Show Snmp View
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6-7 show snmp view Purpose Used to display the SNMP view record. Format show snmp view {<view_name 32>} Description The show snmp view command displays the SNMP view record. Parameters Parameters Description View name of the user who likes to show.
Page 72: Create Snmp Community
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6-8 create snmp community Purpose Use an SNMP community string to define the relationship between the SNMP manager and the agent. The community string acts like a password to permit access to the agent on the switch. You can specify...
Page 73: Delete Snmp Community
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6-9 delete snmp community Purpose Used to remove a specific communtiy string Format delete snmp community <community_string 32> Description The delete snmp community command removes a specific community string. Parameters Parameters Description The community string that will be deleted.
Page 74: Config Snmp Engineid
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w s n m p c o m m u n i t y...
Page 75: Show Snmp Engineid
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s n m p e n g i n e I D 1 0 2 3 4 5 7 8 9 0 C o m m a n d : c o n f i g s n m p e n g i n e I D 1 0 2 3 4 5 7 8 9 0 S u c c e s s .
Page 76: Delete Snmp Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The create snmp group command creates a new SNMP group. Parameters Parameters Description The name of the group. groupname The least secure of the possible security models. The second least secure of the possible security models.
Page 77: Create Snmp Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description groupname The name of the group will be deleted. Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e s n m p g r o u p D _ L i n k _ g r o u p C o m m a n d : d e l e t e s n m p g r o u p D _ L i n k _ g r o u p S u c c e s s .
Page 78: Delete Snmp Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions 2-level administrator 3-level operator Example D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p h o s t 1 0 . 4 8 . 7 4 . 1 0 0 v 3 n o a u t h _ n o p r i v i n i t i a l C o m m a n d : c r e a t e s n m p h o s t 1 0 .
Page 79: Show Snmp Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 6-17 show snmp host Purpose Used to display the recipient for which the traps are targeted. Format show snmp host { <ipaddr> } Description The show snmp host command displays the recipient for which the traps are targeted.
Page 80: Show Snmp Traps
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show snmp v6host command displays the recipient for which the traps are targeted. Parameters Parameters Description The IP address of the recipient for which the traps are targeted. ipaddr If no parameters are specified, all SNMP hosts will be displayed.
Page 81 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show snmp traps command is used to show traps state. Parameters None Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w s n m p t r a p s...
Page 82: Network Management Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 7 Network Management Command List enable snmp disable snmp create trusted_host [<ipaddr> | network <network_address>] delete trusted_host [ ipaddr <ipaddr> | network <network_address>| all] show trusted_host {<ipaddr>} config snmp system_name {<sw_name>} config snmp system_location {<sw_location>}...
Page 83: Create Trusted_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e s n m p C o m m a n d : e n a b l e s n m p S u c c e s s .
Page 84: Delete Trusted_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 7-3 delete trusted_host Purpose Used to delete a trusted host entry made using the create trusted_host command above. Format delete trusted_host [ipaddr <ipaddr> | all] Description The delete trusted_host command is used to delete a trusted host entry made using the create trusted_host command above.
Page 85: Config Snmp System_Name
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions None. Example To display a trusted host: D G S - 3 2 0 0 - 1 0 : 4 # s h o w t r u s t e d _ h o s t...
Page 86: Config Snmp System_Location
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example To configure the switch name for “ ”: D G S - 3 2 0 0 - 1 0 G i g a b i t E t h e r n e t S w i t c h...
Page 87: Config Snmp System_Contact
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 7-7 config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the switch. Format config snmp system_contact {<sw_contact>} Description The config snmp system_contact command is used to enter the name and/or other information to identify a contact person who is responsible for the switch.
Page 88: Disable Rmon
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example To enable RMON on the switch: D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e r m o n C o m m a n d : e n a b l e r m o n S u c c e s s .
Page 89: Enable Snmp Traps
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 7-10 enable snmp traps Purpose Used to enable SNMP trap support. Format enable snmp traps Description The enable snmp traps command is used to enable SNMP trap support on the switch.
Page 90: Enable Snmp Authenticate_Traps
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To prevent SNMP traps from being sent from the switch: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e s n m p t r a p s C o m m a n d : d i s a b l e s n m p t r a p s S u c c e s s .
Page 91 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format disable snmp authenticate_traps Description The disable snmp authenticate_traps command disables SNMP authentication failure trap support. Parameters None. Restrictions You must have administrator privileges. Example To disable SNMP authentication trap support:...
Page 92: Network Monitoring Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 8 Network Monitoring Command List show packet ports <portlist> show error ports <portlist> show utilization [ports | cpu] clear counters {ports <portlist> } clear log show log {index <value_list> } enable syslog...
Page 93: Show Error Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Example To display the packets analysis for port 7 D G S - 3 2 0 0 - 1 0 : 4 # s h o w p a c k e t p o r t s 7...
Page 94: Show Utilization
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies a range of ports to be displayed. portlist Restrictions None. Example To display the errors of port 3: D G S - 3 2 0 0 - 1 0 : 4 # s h o w e r r o r p o r t s 3...
Page 95: Clear Counters
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Example To display the ports utilization: D G S - 3 2 0 0 - 1 0 : 4 # s h o w u t i l i z a t i o n p o r t s...
Page 96: Clear Log
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The clear counters command clears the switch’s statistics counters. Parameters Parameters Description Specifies a range of ports to be configured. The beginning and end of portlist the port list range are separated by a dash.
Page 97: Show Log
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c l e a r l o g C o m m a n d : c l e a r l o g...
Page 98: Enable Syslog
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 8-7 enable syslog Purpose Used to enable syslog to send a message. Format enable syslog Description The enable syslog command enables syslog to send a message. Parameters None. Restrictions You must have administrator privileges.
Page 99: Show Syslog
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To disable syslog sending a message: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e s y s l o g...
Page 100 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config syslog host [ all |<index 1-4>] { severity [informational |warning | all ] | facility [ local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 ] | udp_port <udp_port_number>...
Page 101: Create Syslog Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s y s l o g h o s t a l l s e v e r i r y a l l f a c i l i t y l o c a l 0 C o m m a n d : c o n f i g s y s l o g h o s t a l l s e v e r i r y a l l f a c i l i t y l o c a l 0 S u c c e s s .
Page 102: Delete Syslog Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual user-defined Facility local5 user-defined Facility local6 user-defined Facility local7 The UDP port number. udp_port The IP address of the host. ipaddr The Syslog protocol has been used for the transmission of event state notification messages across networks to host.
Page 103: Show Syslog Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e s y s l o g h o s t 4...
Page 104: Config Log_Save_Timing
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # 8-14 config log_save_timing Purpose Used to configure the method to save log. Format config log_save_timing [time_interval <min 1-65535> | on_demand | log_trigger] Description The config log_save_timing command is used to set the method to save log.
Page 105 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Shows the method to save log. Parameters None. Restrictions None. Example To show the timing method of the log save. D G S - 3 2 0 0 - 1 0 : 4 # show log_save_timing...
Page 106: System Severity Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 9 System Severity Command List config system_severity [trap | log | all] [critical | warning | information ] show system_severity 9-1 config system_severity Purpose Configure severity level control for system. Format...
Page 107: Show System_Severity
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 9-2 show system_severity Purpose To show the severity level control for a system. Format show system_severity Description Use this command to show severity level control for a system. Parameters None. Restrictions None.
Page 108: Command List History Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 10 Command List History Command List show command_history config command_history <value 1-40> 10-1 ? Purpose Used to display all commands in the Command Line Interface (CLI). Format ? {command} Description The ? command will display all of the commands available through the Command Line Interface ( CLI ).
Page 109: Show Command_History
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual c l e a r f d b c l e a r l o g c l e a r p o r t _ s e c u r i t y _ e n t r y p o r t c o n f i g 8 0 2 .
Page 110: Dir
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w c o m m a n d _ h i s t o r y...
Page 111: Config Command_History
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To display all commands: D G S - 3 2 0 0 - 1 0 : 4 # d i r C o m m a n d : d i r...
Page 112 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The config command_history command lets you cofigure the number of commands that the switch can recall. Parameters Parameters Description The number of commands (1-40) that the switch can recall. value Restrictions None.
Page 113: Modify Banner And Prompt Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 11 Modify Banner and Prompt Command List config greeting_message {default} config command_prompt [<string 16> | username | default] 11-1 config greeting_message Purpose Used to configure the greeting message(or banner). Format config greeting_message {default} Description Users may enter this command to modify the login banner.
Page 114: Config Command_Prompt
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = T h i s i s a D G S - 3 2 0 0 - 1 0 s w i t c h .
Page 115: Response Messages
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Users may enter this command to modify the command prompt. The current command prompt consists of four parts: “product name” + “:” + ”user level” + ”#” (e.g. “DGS-3200-10:4#”). This command is used to modify the first part (1. “product name”) with a string consisting of a maximum of 16 characters, or to be replaced with the users’...
Page 116: Time And Sntp Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 12 Time and SNTP Command List config sntp {primary <ipaddr> | secondary <ipaddr> | poll-interval <int 30-99999>} show sntp enable sntp disable sntp config time <date ddmmmyyyy > <time hh:mm:ss >...
Page 117: Show Sntp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description The SNTP primary server IP address. primary The SNTP secondary server IP address. secondary The polling interval range is between 30 and 99999 seconds. poll-interval Restrictions You must have administrator privileges.
Page 118: Enable Sntp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s n t p C o m m a n d : s h o w s n t p...
Page 119: Config Time
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format disable sntp Description The disable sntp command turns off SNTP support. Parameters None. Restrictions You must have administrator privileges. Example To disable SNTP: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e s n t p C o m m a n d : d i s a b l e s n t p S u c c e s s .
Page 120: Config Time_Zone
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To configure time: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g t i m e 3 0 j u n 2 0 0 3 1 6 : 3 0 : 3 0 C o m m a n d : c o n f i g t i m e 3 0 j u n 2 0 0 3 1 6 : 3 0 : 3 0 S u c c e s s .
Page 121: Config Dst
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g t i m e _ z o n e o p e r a t o r + h o u r 2 m i n 3 0 C o m m a n d : c o n f i g t i m e _ z o n e o p e r a t o r + h o u r 2 m i n 3 0 S u c c e s s .
Page 122: Show Time
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g d s t r e p e a t i n g s _ w e e k 2 s _ d a y t u e s _ m t h 4 s _ t i m e 1 5 : 0 0 e _ w e e k...
Page 123: Jumbo Frame Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 13 Jumbo Frame Command List enable jumbo_frame disable jumbo_frame show jumbo_frame 13-1 enable jumbo_frame Purpose Use the command to enable support of Jumbo Frames. Format enable jumbo_frame Description The enable jumbo_frame command enables support of Jumbo Frames.
Page 124: Show Jumbo_Frame
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The disable jumbo_frame command disables support of Jumbo Frames. Parameters None. Restrictions You must have administrator privileges. Example To disable Jumbo Frames: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e j u m b o _ f r a m e C o m m a n d : d i s a b l e j u m b o _ f r a m e S u c c e s s .
Page 125 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w j u m b o _ f r a m e C o m m a n d : s h o w j u m b o _ f r a m e...
Page 126: Single Ip Management Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 14 Single IP Management Command List enable sim disable sim show sim { [ candidates { <candidate_id 1-100> } | members { <member_id 1-32> } | group {commander_mac <macaddr>} | neighbor ] } reconfig { member_id <value 1-32>...
Page 127: Disable Sim
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e s i m C o m m a n d : e n a b l e s i m S u c c e s s .
Page 128 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show sim command displays the information of the specific sorts of devices including of self, candidate, member, group, and neighbor. Parameters Parameters Description Specifies the candidate devices. candidates Specifies the member devices.
Page 129 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s i m c a n d i d a t e C o m m a n d : s h o w s i m c a n d i d a t e...
Page 130 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s i m g r o u p C o m m a n d : s h o w s i m g r o u p...
Page 131: Reconfig
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual T o t a l E n t r i e s : 3 D G S - 3 2 0 0 - 1 0 : 4 # 14-4 reconfig Purpose Used to re-Telnet to member.
Page 132 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Add a specific candidate to group. candidate_id The password of candidate if necessary. password Remove a specific member from group. member_id Restrictions You must have administrator privilege. Examples...
Page 133: Config Sim
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 14-6 config sim Purpose Used to configure the role state and parameters of discovery protocol on the switch. Format config sim [ [ commander { group_name <groupname 64> } | candidate ] |dp_interval <sec 30-90> | hold_time <sec 100-255>...
Page 134: Download Sim_Ms
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual To update name of group: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s i m c o m m a n d e r g r o u p _ n a m e m y g r o u p C o m m a n d : c o n f i g s i m c o m m a n d e r g r o u p _ n a m e m y g r o u p S u c c e s s .
Page 135 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description ipaddr Specifes the ipaddress of TFTP server. Specifes the file path of firmware of configuration in TFTP server. path_filename Specifies a range of members which download this firmware or members configuration.
Page 136: Upload Sim_Ms
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual M A C A d d r e s s R e s u l t - - - - - - - - - - - - - - - - - - - -...
Page 137: Safeguard Engine Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 15 Safeguard Engine Command List config safeguard_engine{ state [enable|disable]| utilization{rising <20-100>| falling <20-100>} | trap_log [enable|disable] | mode [ strict | fuzzy] } show safeguard_engine 15-1 config safeguard_engine Purpose To configure the safeguard engine.
Page 138: Show Safeguard_Engine
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Config utilization rising threshold , the range rising is between 20%-100% , if the CPU utilization is over the rising threshold, the switch enters exhausted mode. Config utilization falling threshold , the range...
Page 139 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To show safeguard engine information: D G S - 3 2 0 0 - 1 0 : 4 #show safeguard_engine Command: show safeguard_engine Safeguard engine state : Enabled Safeguard engine current status : exhausted mode...
Page 140: Layer 2
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual V. Layer 2 The Layer 2 section includes the following chapters: MSTP, FDB, MAC Notification, Mirror, VLAN/Protocol VLAN, Link Aggregation, LACP Configuration, Traffic Segmentation, Port Security, and Static MAC-based VLAN.
Page 141: Mstp Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 16 MSTP Command List show stp show stp instance <value 0-15> show stp ports { <portlist> } show stp mst_config_id create stp instance_id <value 1-15> delete stp instance_id <value 1-15> config stp instance_id <value 1-15> [add_vlan|remove_vlan] <vidlist>...
Page 142: Show Stp Instance
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show stp command is used to show the bridge parameters global settings. Parameters None. Restrictions None. Examples To show STP: D G S - 3 2 0 0 - 1 0 : 4 # s h o w s t p...
Page 143: Show Stp Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Description MSTP instance ID. Instance 0 represents the default instance: CIST. instance The bridge supports a total 16 Instance（0-15）at most. Restrictions None. Examples To show STP instances: D G S - 3 2 0 0 - 1 0 : 4 # s h o w s t p i n s t a n c e...
Page 144: Show Stp Mst_Config_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show stp ports {<portlist>} Description This command displays each port's parameter settings. If the portlist is not input, all ports will be shown. If there are multi instances on this bridge, the parameters of the port on different instances will be shown.
Page 145: Create Stp Instance_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show stp mst_config_id Description Show the three elements of the MST configuration Identification, including Configuration Name, Revision Level, and the MST configuration Table. The default Configuration name is the MAC address of the bridge.
Page 146: Delete Stp Instance_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description To create a new MST instance independent from the default Instance: CIST （Instance 0). After creating the MST instance, you need to configure the VLANs（using commands in 47-7), or the newly created MST instance will still be in a disabled state .
Page 147: Config Stp Instance_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privilege. Examples To delete an MSTP instance: D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e s t p i n s t a n c e _ i d 2 C o m m a n d : d e l e t e s t p i n s t a n c e _ i d 2 S u c c e s s .
Page 148: Config Stp Mst_Config_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p i n s t a n c e _ i d 2 a d d _ v l a n 1 t o 3 C o m m a n d : c o n f i g s t p i n s t a n c e _ i d 2 a d d _ v l a n 1 t o 3 S u c c e s s .
Page 149: Enable Stp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p m s t _ c o n f i g _ i d n a m e R & D _ B l o c k G r e v i s i o n _ l e v e l 1 C o m m a n d s : c o n f i g s t p m s t _ c o n f i g _ i d n a m e R &...
Page 150: Config Stp Version
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format disable stp Description To disable STP functionality in every existing instance. Parameters None. Restrictions You must have administrator privilege. Examples To disable STP: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e s t p C o m m a n d : d i s a b l e s t p S u c c e s s .
Page 151: Config Stp Priority
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privilege. Examples To configure the STP version: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p v e r s i o n m s t p C o m m a n d : c o n f i g s t p v e r s i o n m s t p S u c c e s s .
Page 152: Config Stp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To configure the STP instance ID: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p p r i o r i t y 6 1 4 4 0 i n s t a n c e _ i d 0 C o m m a n d : c o n f i g s t p p r i o r i t y 6 1 4 4 0 i n s t a n c e _ i d 0 S u c c e s s .
Page 153: Config Stp Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To config STP: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p m a x a g e 2 5 C o m m a n d : c o n f i g s t p m a x a g e 2 5 S u c c e s s .
Page 154: Config Stp Mst_Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Decides if this port supports the STP functionality. state Decides if this port is to be selected as Root Port or not. The default restricted_role value is false. Decides if this port is to to propagate a topology change or not. The...
Page 155 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Instance = 0 represents CIST, Instance from 1 to 15 represents instance_id MSTI 1 - MSTI 15 . The Port Path Cost used in MSTP. internal_cost The Port Priority. priority Restrictions You must have administrator privilege.
Page 156: Fdb Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 17 FDB Command List create fdb <vlan_name 32> <macaddr> port <port> create multicast_fdb <vlan_name 32> <macaddr> config multicast_fdb <vlan_name 32> <macaddr> [add | delete] <portlist> config fdb aging_time <sec 10-875> config multicast vlan_filtering_mode [vlanid <vidlist>|vlan <vlan_name 32>|all] [forward_unregistered_groups|filter_unregistered_groups] delete fdb<vlan_name 32>...
Page 157: Create Multicast_Fdb
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e f d b d e f a u l t 0 0 - 0 0 - 0 0 - 0 0 - 0 1 - 0 2 p o r t 5 C o m m a n d : c r e a t e f d b d e f a u l t 0 0 - 0 0 - 0 0 - 0 0 - 0 1 - 0 2 p o r t 5 S u c c e s s .
Page 158: Config Fdb Aging_Time
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config multicast_fdb <vlan_name 32> <macaddr> [add | delete] <portlist> Description The config multicast_fdb command configures the multicast MAC address forwarding table. Parameters Parameters Description The name of the VLAN on which the MAC address resides.
Page 159: Config Multicast Vlan_Filtering_Mode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Description Specifies the time, in seconds, that a dynamically learned MAC aging_time address will remain in the switch’s MAC address forwarding table, without being accessed, before being dropped from the database.
Page 160: Delete Fdb
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure the the multicast packet filtering mode for all VLAN: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g m u l t i c a s t v l a n _ f i l t e r i n g _ m o d e a l l f o r w a r d _ u n r e g i s t e r e d _ g r o u p s C o m m a n d : c o n f i g m u l t i c a s t p o r t f i l t e r i n g _ m o d e a l l f o r w a r d _ u n r e g i s t e r e d _ g r o u p s S u c c e s s .
Page 161: Clear Fdb
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 17-7 clear fdb Purpose Used to clear the switch’s forwarding database of all dynamically learned MAC addresses. Format clear fdb [vlan <vlan_name 32> | port <port> | all ] Description The clear fdb command clears the switch’s forwarding database of all dynamically learned MAC addresses.
Page 162: Show Fdb
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show multicast_fdb command displays the contents of the switch’s multicast forwarding database. Parameters Parameters Description The name of the VLAN on which the MAC address resides. The vlan_name 32 maximum length is 32.
Page 163: Show Multicast Vlan_Filtering_Mode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Displays the entries for one port. port Displays the entries for a specific VLAN. vlan_name 32 Displays all permanent entries. static Displays the unicast MAC address aging time.
Page 164 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Displays the entries by VLAN ID list. vidlist Displays the entries for a specific VLAN. vlan_name 32 Restrictions None. Examples To show multicast filtering mode for ports: D G S - 3 2 0 0 - 1 0 : 4 # s h o w m u l t i c a s t v l a n _ f i l t e r i n g _ m o d e...
Page 165: Mac Notification Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 18 MAC Notification Command List enable mac_notification disable mac_notification config mac_notification{interval <int 1-2147483647>|historysize <int 1-500>} config mac_notification ports [<portlist>|all] [enable|disable] show mac_notification show mac_notification ports{<portlist>} 18-1 enable mac_notification Purpose Used to enable global MAC address table notification on the switch.
Page 166: Config Mac_Notification
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Disable global MAC address table notification on the switch. Parameters None. Restrictions You must have administrator privileges. Examples To disable the MAC notification function: D G S - 3 2 0 0 - 1 0 : 4 # disable mac_notification Command: disable mac_notification Success.
Page 167: Config Mac_Notification Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # config mac_notification interval 1 historysize 500 Command: config mac_notification interval 1 historysize 500 Success. D G S - 3 2 0 0 - 1 0 : 4 #...
Page 168: Show Mac_Notification Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show mac_notification Description Used to display the switch’s MAC address table notification global settings. Parameters None. Restrictions None. Examples To show the switch’s MAC address table notification global settings: D G S - 3 2 0 0 - 1 0 : 4 # show mac_notification...
Page 169 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Examples To display the MAC address table notification status settings of all ports: D G S - 3 2 0 0 - 1 0 : 4 # show mac_notification ports...
Page 170: Mirror Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 19 Mirror Command List config mirror port <port> [add|delete] source ports <portlist> [rx | tx | both] enable mirror disable mirror show mirror 19-1 config mirror port Purpose Used to configure a mirror port − a source port pair on the switch. Traffic from any source port to a target port can be mirrored for real-time analysis.
Page 171: Enable Mirror
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To add mirroring ports: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g m i r r o r p o r t 6 a d d s o u r c e p o r t s 1 - 5 b o t h C o m m a n d : c o n f i g m i r r o r p o r t 6 a d d s o u r c e p o r t s 1 - 5 b o t h S u c c e s s .
Page 172: Disable Mirror
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 19-3 disable mirror Purpose Used to disable a previously entered port mirroring configuration. Format disable mirror Description This command, combined with the enable mirror command above, allows you to enter a port mirroring configuration into the switch, and then turn the port mirroring on and off without having to modify the port mirroring configuration.
Page 173 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Examples To display mirroring configuration: D G S - 3 2 0 0 - 1 0 : 4 # s h o w m i r r o r...
Page 174: Vlan Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 20 VLAN Command List create vlan <vlan_name 32 > tag <vlanid 2-4094> { type 1q_vlan advertisement } create vlan vlanid <vlanid_list> { advertisement } delete vlan <vlan_name> delete vlan vlanid <vlanid_list>...
Page 175: Delete Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description The name of the VLAN to be created. vlan_name The VLAN ID of the VLAN to be created. vlan vlanid The VLAN ID of the VLAN to be created. The range is from 2 to 4094.
Page 176: Config Vlan Add Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To remove a VLAN v1: D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e v l a n v 1 C o m m a n d : d e l e t e v l a n v 1 S u c c e s s .
Page 177: Config Vlan Delete Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g v l a n v 1 a d d t a g g e d 4 - 8 C o m m a n d : c o n f i g v l a n v 1 a d d t a g g e d 4 - 8 S u c c e s s .
Page 178: Config Vlan Advertisement
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 20-5 config vlan advertisement Purpose Used to enable or disable the VLAN advertisement. Format config vlan vlanid <vidlist> advertisement [ enable | disable ] Description The config vlan advertisement command enables or disables the VLAN advertisement.
Page 179: Enable Gvrp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameter Parameters Description A range of ports for which you want ingress checking. The beginning portlist and end of the port list range are separated by a dash. Enables or disables GVRP for the ports specified in the port list.
Page 180: Disable Gvrp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameter None. Restrictions You must have administrator privileges. Example To enable the generic VLAN Registration Protocol (GVRP): D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e g v r p C o m m a n d : e n a b l e g v r p S u c c e s s .
Page 181: Show Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 20-9 show vlan Purpose Used to show the VLAN information including of parameters setting and operational value. Format show vlan { <vlan_name 32> | vlanid <vlanid_list> | ports <portlist>} Description The show vlan command displays summary information about each VLAN, which includes: VLAN ID, VLAN Name, Tagged/Untagged/Forbidden status for each port, and Member/Non-member status for each port.
Page 182: Show Gvrp
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w v l a n p o r t s 1 - 2 C o m m a n d : s h o w v l a n p o r t s 1 - 2...
Page 183: Enable Pvid Auto_Assign
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual E n a b l e d E n a b l e d O n l y V L A N - t a g g e d f r a m e s...
Page 184: Disable Pvid Auto_Assign
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 20-12 disable pvid auto_assign Purpose Disable auto assignment of PVID. Format disable pvid auto_assign Description The command disables the auto-assignment of PVID. If “auto-assign PVID” is disabled, PVID can only be changed by PVID configuration (user changes explicitly).
Page 185 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description This command displays the PVID auto-assign state. Parameters None. Restrictions user level Example To display PVID auto-assignment state. D G S - 3 2 0 0 - 1 0 : : 4 # s h o w p v i d a u t o _ a s s i g n P V I D A u t o - a s s i g n m e n t : E n a b l e d .
Page 186: Protocol Vlan Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 21 Protocol VLAN Command List create dot1v_protocol_group group_id < id> {group_name <name>} config dot1v_protocol_group [group_id < id> | group_name <name> ] add protocol [ethernet_2| ieee802.3_snap| ieee802.3_llc] < protocol_value> config dot1v_protocol_group [group_id < id> | group_name <name> ] delete protocol [ethernet_2 | ieee802.3_snap |...
Page 187: Config Dot1V_Protocol_Group Add Protocol
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual For example: The auto-generated name for group ID 1 is “ProtocolGroup1”. If this name already exists, then ProtocolGroup1ALT1 will be used instead. Restrictions You must have administrator privileges. 21-2 config dot1v_protocol_group add protocol Purpose To add a protocol to a protocol group.
Page 188: Config Dot1V_Protocol_Group Delete Protocol
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 21-3 config dot1v_protocol_group delete protocol Purpose Used to delete a protocol from protocol group. Format config dot1v_protocol_group [group_id < id>| group_name <name> ] delete protocol [ethernet_2| ieee802.3_snap| eee802.3_llc] < protocol_value.> Description To delete a protocol from a protocol group.
Page 189: Show Dot1V_Protocol_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Description Specifies the group ID to be deleted. group_id The name of the protocol group. group_name Restrictions You must have administrator privileges. 21-5 show dot1v_protocol_group Purpose Display the protocols defined in a protocol group.
Page 190: Show Port Dot1V
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies a range of ports to apply this command. portlist Group ID of the protocol group. group_id The name of the protocol group. group_name VLAN that is to be associated with this protocol group on this port.
Page 191: Link Aggregation Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 22 Link Aggregation Command List create link_aggregation group_id <value 1-5> {type [ lacp | static ] } delete link_aggregation group_id <value 1-5> config link_aggregation group_id <value 1-5> {master_port <port> | ports <portlist> | state...
Page 192: Delete Link_Aggregation Group_Id
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 22-2 delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group. Format delete link_aggregation group_id <value 1-5> Description The delete link_aggregation group_id command is used to delete a previously configured link aggregation group.
Page 193: Config Link_Aggregation Algorithm
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies the group ID. The group number identifies each of the group_id groups. The switch allows up to five link aggregation groups to be configured. The master port ID. Specifies which port (by port number) of the link master_port aggregation group will be the master port.
Page 194: Show Link_Aggregation
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Indicates that the switch should examine the MAC source and mac_source_dest destination address. Indicates that the switch should examine the IP source and destination ip_source_dest address. Restrictions You must have administrator privileges.
Page 195 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Example Link aggregation group enabled: D G S - 3 2 0 0 - 1 0 : 4 # s h o w l i n k _ a g g r e g a t i o n...
Page 196: Lacp Configuration Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 23 LACP Configuration Command List config lacp_ports <portlist> mode [active|passive] show lacp_ports {<portlist>} 23-1 config lacp_ports Purpose Configure current mode of LACP of port . Format config lacp_ports <portlist> mode [active|passive] Description The config lacp command config per-port LACP mode.
Page 197 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The display per-port LACP mode. Parameters Parameters Description Specified a range of ports to be configured. portlist If no parameter is specified, the system will display current LACP and all port status.
Page 198: Traffic Segmentation Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 24 Traffic Segmentation Command List config traffic_segmentation [<portlist>|all] forward_list[null|all\<portlist>] show traffic_segmentation {<portlist>} 24-1 config traffic_segmentation Purpose Used to configure the traffic segmentation. Format config traffic_segmentation [<portlist>|all] forward_list[null|all\<portlist>] Description The config traffic_segmentation command configures the traffic segmentation.
Page 199: Show Traffic_Segmentation
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 24-2 show traffic_segmentation Purpose Used to display current traffic segmentation table. Format show traffic_segmentation {<portlist>} Description The show traffic_segmentation command displays current traffic segmentation table. Parameters Parameters Description Specifies a range of ports to be displayed.
Page 200: Port Security Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 25 Port Security Command List config port_security ports | all ] { admin_state [enable | disable] |max_learning_addr <max_lock_no 0-16> | lock_address_mode [Permanent|DeleteOnTimeout|DeleteOnReset] delete port_security_entry vlan_name<vlan_name 32> port <port> mac_address <macaddr> clear port_security_entry port <portlist>...
Page 201: Delete Port_Security_Entry
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual DeleteOnTimeout The locked addresses can be aged out after aging timer expire never age out the locked addresses unless restart DeleteOnReset the system to prevent from port movement or intrusion. Restrictions You must have administrator privileges.
Page 202: Clear Port_Security_Entry
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To delete a default route from the routing table: D G S - 3 2 0 0 - 1 0 : 4 # delete port_security_entry vlan_name default mac_address 00-01-30-10-2C-C7 port 6 Command: delete port_security_entry vlan_name default mac_address 00-01-30-10-2C-C7 port 6 Success.
Page 203: Show Port_Security
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 25-4 show port_security Purpose Used to display the port security related information of the switch ports. Format show port_security {ports <portlist>} Description The show port_security command displays the port security related information of the switch ports including the port security admin state, the maximum number of learning addresses, and the lock mode.
Page 204: Disable Port_Security Trap_Log
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format enable port_security trap_log Description When the port_security trap is enabled, if there's a new MAC that violates the pre-defined port security configuration, a trap will be sent out with the info of the MAC and port, and the relevant information will be logged.
Page 205 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e p o r t _ s e c u r i t y t r a p _ l o g C o m m a n d : d i s a b l e p o r t _ s e c u r i t y t r a p _ l o g S u c c e s s .
Page 206: Static Mac-Based Vlan Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 26 Static MAC-based VLAN Command List create mac_based_vlan mac_address <macaddr> vlan <vlan_name 32> delete mac_based_vlan {mac_address <macaddr> vlan <vlan_name 32>} show mac_based_vlan {mac_address <macaddr> vlan <vlan_name 32>} 26-1 create mac_based_vlan Purpose Used to create a static mac-based VLAN entry.
Page 207: Show Mac_Based_Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description User use this command to delete a database entry. If the MAC address and VLAN are not specified, all static entries associated with the port will be removed. Parameters Parameters Description The MAC address.
Page 208 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual VI. IP The IP section includes the following chapters: Basic IP, Auto Config, Routing Table, ARP, and Loopback Detection.
Page 209: Basic Ip Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 27 Basic IP Command List config ipif <ipif_name>[{ipaddress<network_address> |vlan<vlan_name >|state [ enable|disable]}| bootp |dhcp | ipv6 ipv6address <ipv6networkaddr>] create ipif <ipif_name > {<network_address>} <vlan_name > {state [enable|disable]} delete ipif [<ipif_name > {ipv6address <ipv6networkaddr>} | all] enable ipif [<ipif_name 12>...
Page 210: Create Ipif
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure the System IP interface: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g i p i f S y s t e m v l a n v 1 C o m m a n d : c o n f i g i p i f S y s t e m v l a n v 1 S u c c e s s .
Page 211: Delete Ipif
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e i p i f i p V L A N 2 C o m m a n d : c r e a t e i p i f i p i f i p V L A N 2 S u c c e s s .
Page 212: Enable Ipif
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 27-4 enable ipif Purpose Enable the admin state for an interface. Format enable ipif [<ipif_name 12> | all] Description Enable the state for an IPIF. When the state is enabled, the IPv4 processing will be started when the IPv4 address is configured on the IPIF.
Page 213: Show Ipif
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description The name of the interface. ipif_name All the IP interface Restrictions You must have administrator privileges. Examples To disable the state for an interface. DGS-3200-10:4#disable ipif interface1 Command: disable ipif interface1 Success.
Page 214: Enable Ipif_Ipv6_Link_Local_Auto
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w i p i f C o m m a n d : s h o w i p i f...
Page 215: Disable Ipif_Ipv6_Link_Local_Auto
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples Enable the automatic configuration of link local address for an interface. DGS-3200-10:4#enable ipif_ipv6_link_local_auto interface1 Command: enable ipif_ipv6_link_local_auto interface1 Success. DGS-3200-10:4# disable 27-8 ipif_ipv6_link_local_auto Purpose Disable the auto configuration of link local address when no IPv6 address is configured.
Page 216: Show Ipif_Ipv6_Link_Local_Auto
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual show 27-9 ipif_ipv6_link_local_auto Purpose To display the link local address automatic configuration state. Format show ipif_ipv6_link_local_auto {<ipif_name 12>} Description Use this command to display the link local address automatic configuration state.
Page 217: Auto Config Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 28 Auto Config Command List show autoconfig enable autoconfig disable autoconfig 28-1 show autoconfig Purpose Used to show DHCP auto configuration status. Format show autoconfig Description Show DHCP auto configuration status.
Page 218: Disable Autoconfig
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions Administrator Level. Example To enable DHCP auto configuration status: D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e a u t o c o n f i g C o m m a n d : e n a b l e a u t o c o n f i g S u c c e s s .
Page 219: Routing Table Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 29 Routing Table Command List create iproute default <ipaddr> {<metric 1-65535>} delete iproute default show iproute {<static>} create ipv6route [default] [<ipif_name 12> <ipv6addr> |<ipv6addr>] {<metric 1-65535>} delete ipv6route [default] [ <ipif_name 12> <ipv6addr> | <ipv6addr> ] | all]...
Page 220: Delete Iproute Default
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 29-2 delete iproute default Purpose Used to delete a default IP route entry. Format delete iproute default Description The delete iproute default command deletes a default route entry. Parameters None. Restrictions You must have administrator privileges.
Page 221: Create Ipv6Route
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Examples To display the contents of the IP routing table: D G S - 3 2 0 0 - 1 0 : 4 # s h o w i p r o u t e...
Page 222: Delete Ipv6Route
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples DGS-3200-10:4#create ipv6route default System FEC0::5 Command: create ipv6route default System FEC0::5 Success. DGS-3200-10:4# 29-5 delete ipv6route Purpose To delete an IPv6 static route. Format delete ipv6route [default] [ <ipif_name>...
Page 223: Show Ipv6Route
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 29-6 show ipv6route Purpose To display IPv6 routes. Format show ipv6route Description Used to display IPv6 routes. Parameters None. Restrictions None. Examples To display an IPv6 route: DGS-3200-10:4#show ipv6route Command: show ipv6route...
Page 224: Arp Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 30 ARP Command List create arpentry <ipaddr> <macaddr> delete arpentry { <ipaddr> | all } config arpentry <ipaddr> <macaddr> config arp_aging time <value 0-65535> clear arptable show arpentry {ipif <ipif_name 12> | ipaddress <ipaddr> | static }...
Page 225: Delete Arpentry
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 30-2 delete arpentry Purpose Used to delete a static entry into the ARP table. Format delete arpentry {<ipaddr> | all} Description The delete arpentry command is used to delete a static ARP entry, made using the create arpentry command above, by specifying either the IP address of the entry or all.
Page 226: Config Arp_Aging Time
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual MAC address of the entry. Parameters Parameters Description The IP address of the end node or station. ipaddr The MAC address corresponding to the IP address above. macaddr Restrictions You must have administrator privileges.
Page 227: Show Arpentry
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To configure the ARP aging time: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g a r p _ a g i n g t i m e 3 0 C o m m a n d : c o n f i g a r p _ a g i n g t i m e 3 0 S u c c e s s .
Page 228: Clear Arptable
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w a r p e n t r y C o m m a n d : s h o w a r p e n t r y...
Page 229: Loopback Detection Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 31 Loopback Detection Command List config loopdetect {recover_timer [ 0 | <value 60-1000000>] | interval <1-32767> | mode [port-based | vlan-based]] (1) config loopdetect ports [<portlist>| all] state [enable | disable ]...
Page 230: Config Loopdetect Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restriction You must have administrator privileges. Examples To set a recover time of 0 and an interval of 20 in VLAN-based mode: loopdetect D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g...
Page 231: Enable Loopdetect
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual loopdetect D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g p o r t s 1 - 5 s t a t e e n a b l e...
Page 232: Show Loopdetect
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The disable loopdetect command allows the Loop Detection Function to be globally disabled on the switch. The default value is enabled. Parameters None. Restrictions You must have administrator privileges. Examples...
Page 233: Show Loopdetect Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual loopdetect D G S - 3 2 0 0 - 1 0 : 4 # s h o w loopdetect C o m m a n d : s h o w...
Page 234 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual loopdetect D G S - 3 2 0 0 - 1 0 : 4 # s h o w p o r t s 1 - 9 loopdetect C o m m a n d : s h o w...
Page 235: Multicast
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual VII. Multicast The Multicast section includes the following chapters: IGMP Snooping, MLD Snooping, and Limited Multicast IP Address.
Page 236: Igmp Snooping Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 32 IGMP Snooping Command List config igmp_snooping [vlan_name <vlan_name 32> | vlanid <vlanid_list> |all] { host_timeout <sec 1-16711450> | router_timeout <sec 1-16711450> | leave_timer <sec 1-16711450> | state [enable|disable] | fast_leave [enable|disable] } config igmp_snooping querier [vlan_name <vlan_name 32>...
Page 237: Config Igmp_Snooping Querier
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual switch’s can be a member of a multicast group without the switch receiving a host membership report. The default is 260 seconds. Leave timer. The default setting is 2. leave_timer Enable or disable IGMP snooping for the chosen VLAN.
Page 238 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Specifies the amount of time in seconds between general query query_interval transmissions. the default setting is 125 seconds.. The maximum time in seconds to wait for reports from members. The max_reponse_time default setting is 10 seconds.
Page 239: Config Router_Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure the IGMP snooping querier: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g i g m p _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t e e n a b l e C o m m a n d : c o n f i g i g m p _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t e e n a b l e S u c c e s s .
Page 240: Config Router_Ports_Forbidden
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g r o u t e r _ p o r t s d e f a u l t a d d 1 - 1 0 C o m m a n d : c o n f i g r o u t e r _ p o r t s d e f a u l t a d d 1 - 1 0 S u c c e s s .
Page 241: Enable Igmp_Snooping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 32-5 enable igmp_snooping Purpose Used to enable IGMP snooping on the switch. Format enable igmp_snooping Description The enable igmp_snooping command allows you to enable IGMP snooping on the switch. Parameters None.
Page 242: Show Igmp_Snooping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To disable IGMP snooping on the switch: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e i g m p _ s n o o p i n g C o m m a n d : d i s a b l e i g m p _ s n o o p i n g S u c c e s s .
Page 243: Show Igmp_Snooping Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w i g m p _ s n o o p i n g...
Page 244: Show Router_Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Examples To show the IGMP snooping group: D G S - 3 2 0 0 - 1 6 : 4 # s h o w i g m p _ s n o o p i n g g r o u p...
Page 245 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description The name of the VLAN on which the router port resides. vlan_name Displays router ports that have been statically configured. static Displays router ports that have been dynamically registered.
Page 246: Mld Snooping Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 33 MLD Snooping Command List config mld_snooping [ <vlan_name 32> | vlanid <vlanid_list> |all] { node_timeout <sec 1-16711450> | router_timeout <sec 1-16711450> | done_timer <sec 1-16711450> | state [enable|disable] | fast_done [enable|disable] } config mld_snooping querier [ <vlan_name 32>...
Page 247: Config Mld_Snooping Querier
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual The done timer. The default setting is 2. done_timer enable or disable MLD snooping for the chosen VLAN. state enable or disable the MLD snooping fast done function. If enabled, fast_done the membership is immediately removed when the system receives the MLD done message.
Page 248 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual The maximum time in seconds to wait for reports from listeners. The max_reponse_time default setting is 10 seconds. Provides fine-tuning to allow for expected packet loss on a subnet. robustness_variable The value of the robustness variable is used in calculating the following MLD message intervals: •...
Page 249: Config Mld_Snooping Mrouter_Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g m l d _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t e e n a b le C o m m a n d : c o n f i g m l d _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t e e n a b l e S u c c e s s .
Page 250: Enable Mld_Snooping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config mld_snooping mrouter_ports_forbidden <vlan_name 32> [add|delete] <portlist> Description The config mld_snooping mrouter_ports_forbidden command allows you to designate a range of ports as being not connected to multicast-enabled routers. This ensures that the forbidden router port will not propagate routing packets out.
Page 251: Disable Mld_Snooping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example To enable MLD snooping on the switch: D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e m l d _ s n o o p i n g C o m m a n d : e n a b l e m l d _ s n o o p i n g S u c c e s s .
Page 252: Show Mld_Snooping
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 33-7 show mld_snooping Purpose Used to show the current status of MLD snooping on the switch. Format show mld_snooping {vlan <vlan_name 32>| vlanid <vlanid_list> } Description The show mld_snooping command will display the current MLD snooping configuration on the switch.
Page 253: Show Mld_Snooping Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual F a s t D o n e : D i s a b l e d V e r s i o n T o t a l E n t r i e s : 1...
Page 254: Show Mld_Snooping Mrouter_Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual S o u r c e / G r o u p 2 0 0 0 : : 1 0 0 : 1 0 : 1 0 : 5 / F F 0 E : : 1 0 0 : 0 : 0 : 2 0...
Page 255 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To display the router ports. D G S - 3 2 0 0 - 1 0 : 4 # s h o w mld_snooping m r o u t e r _ p o r t s...
Page 256: Limited Multicast Ip Address Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 34 Limited Multicast IP Address Command List create mcast_filter_profile profile_id <value 1-24> profile_name <name> config mcast_filter_profile [profile_id < value 1-24>| profile_name <name> ] { profile_name <name> | [add | delete ] <mcast_address_list>} delete mcast_filter_profile profile_id [<value 1-24>...
Page 257: Config Mcast_Filter_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # create mcast_filter_profile profile_id 2 profile_name MOD Command: create mcast_filter_profile profile_id 2 profile_name MOD Success. D G S - 3 2 0 0 - 1 0 : 4 #...
Page 258: Show Mcast_Filter_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format delete mcast_filter_profile profile_id [<value 1-24> | all] Description This command delete a multicast address profile Parameters Parameters Description The ID of the profile profile_id All multicast address profiles will be deleted.
Page 259: Config Limited_Multicast_Addr
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions user level Examples show mcast_filter_profile D G S - 3 2 0 0 - 1 0 : 4 # show mcast_filter_profile C o m m a n d : P r o f i l e I D...
Page 260: Show Limited Multicast Addr
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual A profile to be added to or deleted from the port profile_id Specifies that the packet that match the addresses defined in the permit profiles will be permitted. The default mode is permit.
Page 261: Config Max_Mcast_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions user level Examples To display a limited multicast address range: D G S - 3 2 0 0 - 1 0 : 4 # s h o w l i m i t e d _ m u l t i c a s t _ a d d r 1 , 3...
Page 262: Show Max_Mcast_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Description A range of ports to config the max_mcast_group. <portlist> Specifies the maximum number of the multicast groups. The range max_group is from 1 to 256 or infinite. Infinite is the default setting.
Page 263 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # show max_mcast_group ports 1 Command: show max_mcast_group ports 1 Port Max Multicast Group Number -------- ----------------------------- D G S - 3 2 0 0 - 1 0 : 4 #...
Page 264: Security
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual VIII. Security The Security section includes the following chapters: 802.1X, Access Authentication Control, SSL, SSH, IP-MAC-Port Binding (IMPB), Web-based Access Control, MAC-based Access Control, and JWAC.
Page 265: 802.1X Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 35 802.1X Command List enable 802.1x disable 802.1x create 802.1x user <username 15> delete 802.1x user <username 15> show 802.1x user config 802.1x auth_protocol [local|radius_eap] show 802.1x [auth_state | auth_configuration] {ports <portlist>} config 802.1x capability ports [<auth_portlist>|all] [authenticator|none]...
Page 266: Enable 802.1X
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual show auth_client show acct_client 35-1 enable 802.1x Purpose Used to enable the 802.1x function. Format enable 802.1x Description The enable 802.1x command enables 802.1x function. Parameters None. Restrictions You must have administrator privileges.
Page 267: Create 802.1X User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions You must have administrator privileges. Examples To disable the 802.1x function: D G S - 3 2 0 0 - 1 0 : 4 # d i s a b l e 8 0 2 . 1 x C o m m a n d : d i s a b l e 8 0 2 .
Page 268: Delete 802.1X User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e 8 0 2 . 1 x u s e r c t s n o w C o m m a n d : c r e a t e 8 0 2 .
Page 269: Show 802.1X User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 35-5 show 802.1x user Purpose Used to display the 802.1x user. Format show 802.1x user Description The show 802.1x user command displays the 802.1x user account information. Parameters None. Restrictions None.
Page 270: Show 802.1X
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies the auth protocol as local. local Specifies the auth protocol as RADIUS EAP radius_eap Restrictions You must have administrator privilege. Examples To config the 802.1x RADIUS EAP: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g 8 0 2 .
Page 271 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To display the 802.1x states: D G S - 3 2 0 0 - 1 0 : 4 # s h o w 8 0 2 . 1 x a u t h _ s t a t e p o r t s 1 - 5 C o m m a n d : s h o w 8 0 2 .
Page 272: Config 802.1X Capability
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 35-8 config 802.1x capability Purpose Used to configure the port capability. Format config 802.1x capability ports [<portlist>|all] [authenticator|none] Description The config 802.1x capability command configures the port capability. Parameters Parameters Description Specifies a range of ports to be configured.
Page 273 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The config 802.1x auth_parameter command configures the parameters that control the operation of the authenticator associated with a port. Parameters Parameters Description Specifies a range of ports to be configured.
Page 274: Config 802.1X Auth_Mode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To configure the parameters that control the operation of the authenticator associated with a port: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g 8 0 2 . 1 x a u t h _ p a r a m e t e r p o r t s 1 : 1 - 1 : 2 0 d i r e c t i o n b o t h C o m m a n d : c o n f i g 8 0 2 .
Page 275: Config 802.1X Reauth
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config 802.1x init [port_based ports [<portlist|all>] |mac_based ports [<portlist>|all] {mac_address <macaddr>}] Description The config 802.1x init command used to initialize the authentication state machine of some or all. Parameters Parameters Description Configure the authentication as port-based mode.
Page 276: Create 802.1X Guest_Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Switch pass data based on its authenticated port. port_based Switch pass data based on MAC address of authenticated RADIUS mac_based client. Specifies a range of ports to be configured.
Page 277: Delete 802.1X Guest_Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. The specific VLAN which is assigned to a guest VLAN must already exist. The specific VLAN which is assigned to the guest VLAN can’t be deleted.
Page 278: Config 802.1X Guest Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 35-15 config 802.1x guest vlan Purpose Used to configure a guest VLAN setting. Format config 802.1x guest_vlan ports [<portlist>|all] state [enable | disable] Description The config guest vlan command will config a guest VLAN setting.
Page 279: Config Radius Add
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show guest vlan command allows you to show the information of a guest VLAN. Parameter None. Restrictions None. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w 8 0 2 . 1 x g u e s t _ v l a n C o m m a n d : s h o w 8 0 2 .
Page 280: Config Radius Delete
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual used to encrypt user’s authentication data before being transmitted over the Internet. The maximum length of the key is 32. Sets the auth_port to be 1812 and acct_port to be 1813.
Page 281: Config Radius
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To delete a RADIUS server: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g r a d i u s d e l e t e 1 C o m m a n d : c o n f i g r a d i u s d e l e t e 1 S u c c e s s .
Page 282: Show Radius
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure a RADIUS server: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g r a d i u s a d d 1 1 0 . 4 8 . 7 4 . 1 2 1 k e y d l i n k d e f a u l t C o m m a n d : c o n f i g r a d i u s a d d 1 1 0 .
Page 283: Show Auth_Statistics
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual R e t r a n s m i t K e y : a d f d s l k f j e f i e f d k g j d a s s d w t g j k 6 y 1 w...
Page 284: Show Auth_Diagnostics
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To display authenticator statistics information from port 1 D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ s t a t i s t i c s p o r t s 1...
Page 285: Show Auth_Session_Statistics
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To display authenticator diagnostics information from port 1 D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ d i a g n o s t i c s p o r t s 1...
Page 286: Show Auth_Client
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies a range of ports to be configured. auth_portlist Restrictions None. Examples To display authenticator session statistics information from port 1 D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ s e s s i o n _ s t a t i s t i c s p o r t s 1...
Page 287 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None Examples To display authentication client information: D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ c l i e n t C o m m a n d : s h o w a u t h _ c l i e n t r a d i u s A u t h C l i e n t = = >...
Page 288 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual r a d i u s A u t h S e r v e r I n d e x : 2 r a d i u s A u t h S e r v e r A d d r e s s 0 .
Page 289: Show Acct_Client
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual r a d i u s A u t h C l i e n t P a c k e t s D r o p p e d D G S - 3 2 0 0 - 1 0 : 4 #...
Page 290 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual r a d i u s A c c C l i e n t M a l f o r m e d R e s p o n s e s...
Page 291 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual r a d i u s A c c C l i e n t R o u n d T r i p T i m e r a d i u s A c c C l i e n t R e q u e s t s...
Page 292: Access Authentication Control Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 36 Access Authentication Control Command List enable authen_policy disable authen_policy show authen_policy create authen_login method_list_name <string 15> config authen_login [default | method_list_name <string 15>] method {tacacs | xtacacs | tacacs+ | radius | server_group <string 15> | local | none} delete authen_login method_list_name <string 15>...
Page 293: Enable Authen_Policy
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual config authen parameter attempt <int 1-255> show authen parameter enable admin config admin local_enable <password 0-15> 36-1 enable authen_policy Purpose Used to enable system access authentication policy. Format enable authen_policy Description Enables system access authentication policy.
Page 294: Show Authen_Policy
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Disables system access authentication policy. When authentication is disabled, the device will adopt the local user account database to authenticate the user for login, and adopt the local enable password to authenticate the enable password for promoting the user‘s privilege to Admin level.
Page 295: Create Authen_Login Method_List_Name
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n _ p o l i c y...
Page 296 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config authen_login [default | method_list_name <string 15>] method {tacacs | xtacacs | tacacs+ | radius | server_group <string 15> | local | none} Description Configure a user-defined or default method list of authentication methods for user login. The sequence of methods will effect the authentication result.
Page 297: Delete Authen_Login Method_List_Name
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g a u t h e n _ l o g i n m e t h o d _ l i s t _ n a m e l o g i n _ l i s t _ 1 m e t h o d t a c a c s +...
Page 298: Show Authen_Login
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 36-7 show authen_login Purpose Used to display the method list of authentication methods for user login. Format show authen_login [default | method_list_name <string 15> | all] Description Display the method list of authentication methods for user login.
Page 299: Config Authen_Enable
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Admin level. Format create authen_enable method_list_name <string 15> Description Create a user-defined method list of authentication methods for promoting a user's privilege to Admin level. The maximum supported number of the enable method lists is eight.
Page 300 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual be sent to the first server host in the TACACS+ built-in server group. If the first server host in the TACACS+ group is missing, the authentication request will be sent to the second server host in the TACACS+ group, and so on.
Page 301: Delete Authen_Enable Method_List_Name
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 36-10 delete authen_enable method_list_name Purpose Used to delete a user-defined method list of authentication methods for promoting a user's privilege to Admin level. Format delete authen_enable method_list_name <string 15> Description Delete a user-defined method list of authentication methods for promoting a user's privilege to Admin level.
Page 302: Config Authen Application
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Display default user-defined method list for promoting a user's default privilege to Admin level. Display the specific user-defined method list for a promoting user's method_list_name privilege to Admin level.
Page 303: Show Authen Application
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Configure login or enable method list for all or the specified application. Parameters Parameters Description Application: console. console An application: Telnet. telnet An application: SSH. An application: web. http Applications: console, telnet, SSH, and web.
Page 304: Create Authen Server_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description Display the login/enable method list for all applications. Parameters None. Restrictions None. Examples To display the login/enable method list for all applications: D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n a p p l i c a t i o n...
Page 305: Config Authen Server_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privilege. Examples To create a user-defined authentication server group. D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e a u t h e n s e r v e r _ g r o u p m i x _ 1 C o m m a n d : c r e a t e a u t h e n s e r v e r _ g r o u p m i x _ 1 S u c c e s s .
Page 306: Delete Authen Server_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual The server host’s authentication protocol. protocol xtacacs The server host’s authentication protocol. protocol tacacs+ The server host’s authentication protocol. protocol radius Restrictions You must have administrator privilege. Examples To add an authentication server host to a server group: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g a u t h e n s e r v e r _ g r o u p m i x _ 1 a d d s e r v e r _ h o s t 1 0 .
Page 307: Show Authen Server_Group
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e a u t h e n s e r v e r _ g r o u p m i x _ 1 C o m m a n d : d e l e t e a u t h e n s e r v e r _ g r o u p m i x _ 1 S u c c e s s .
Page 308: Create Authen Server_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # 36-18 create authen server_host Purpose Used to create an authentication server host. Format create authen server_host <ipaddr> protocol [tacacs | xtacacs | tacacs+ | radius] { port <int 1-65535>...
Page 309: Config Authen Server_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privilege. Examples To create a TACACS+ authentication server host, its listening port number is 15555 and the timeout value is 10 seconds: D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e a u t h e n s e r v e r _ h o s t 1 0 . 1 . 1 . 2 2 2 p r o t o c o l t a c a c s + p o r t 1 5 5 5 5 t i m e o u t 1 0 C o m m a n d : c r e a t e a u t h e n s e r v e r _ h o s t 1 0 .
Page 310: Delete Authen Server_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual <key_string 254> The key for TACACS+ and RADIUS authenticaiton. If the value is null, no encryption will apply. This value is meaningless for TACACS and XTACACS. No encryption for TACACS+ and RADIUS none authenticaiton.
Page 311: Show Authen Server_Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description The server host’s IP address. server_host <ipaddr> The server host’s authentication protocol. protocol tacacs The server host’s authentication protocol. protocol xtacacs The server host’s authentication protocol. protocol tacacs+ The server host’s authentication protocol.
Page 312: Config Authen Parameter Response_Timeout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n s e r v e r _ h o s t...
Page 313: Config Authen Parameter Attempt
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 36-23 config authen parameter attempt Purpose Used to configure the maximum attempts for users trying to login or promote the privilege on console, Telnet, or SSH applications. Format config authen parameter attempt <int 1-255>...
Page 314: Enable Admin
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions None. Examples To display the parameters of authentication: D G S - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n p a r a m e t e r...
Page 315: Config Admin Local_Enable
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To enable administrator lever privilege: D G S - 3 2 0 0 - 1 0 : 3 # e n a b l e a d m i n...
Page 316: Ssl Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 37 SSL Command List show ssl certificate download ssl certificate <ipaddr> certfilename <path_filename 64> keyfilename <path_filename 64> enable ssl { ciphersuite { RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5 } }...
Page 317: Download Ssl Certificate
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s s l c e r t i f i c a t e...
Page 318: Enable Ssl
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # d o w n l o a d s s l c e r t i f i c a t e 1 0 . 5 5 . 4 7 . 1 c e r t f i l e n a m e c e r t . d e r k e y f i l e n a m e p k e y .
Page 319: Disable Ssl
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To enable the SSL ciphersuite for RSA_with_RC4_128_MD5: D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e s s l c i p h e r s u i t e R S A _ w i t h _ R C 4 _ 1 2 8 _ M D 5 C o m m a n d : e n a b l e s s l c i p h e r s u i t e R S A _ w i t h _ R C 4 _ 1 2 8 _ M D 5 S u c c e s s .
Page 320: Show Ssl
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual DHE_DSS_with_3DES_EDE_CBC_SHA Indicates DH key exchange with 3DES_EDE_CBC encryption and SHA hash. Indicates RSA_EXPORT key exchange with RC4 40 RSA_EXPORT_with_RC4_40_MD5 bits encryption and MD5 hash. Disables the SSL feature. NULL Restrictions You must have administrator privilege.
Page 321: Show Ssl Cachetimeout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions None. Examples To show SSL: D G S - 3 2 0 0 - 1 0 : 4 # s h o w s s l C o m m a n d s : s h o w s s l...
Page 322: Config Ssl Cachetimeout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To show the SSL cache timeout: D G S - 3 2 0 0 - 1 0 : 4 # s h o w s s l c a c h e t i m e o u t...
Page 323: Ssh Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 38 SSH Command List config ssh algorithm [3DES| AES128| AES192| AES256| arcfour|blowfish| cast128| twofish128| twofish192| twofish256| MD5| SHA1| RSA| DSA] [enable| disable] show ssh algorithm config ssh authmode [password|publickey|hostbased ] [enable|disable] show ssh authmode config ssh user <username>...
Page 324: Show Ssh Algorithm
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual An SSH server public key algorithm. An SSH server public key algorithm. Used to enable the algorithm. enable Used to disable the alogirthm. disable Restrictions You must have administrator privileges. Examples...
Page 325: Config Ssh Authmode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s s h a l g o r i t h m C o m m a n d : s h o w s s h a l g o r i t h m...
Page 326: Show Ssh Authmode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies user authentication method. password Specifies user authentication method. publickey Specifies user authentication method. hostbased Enable user authentication method. enable Disable user authentication method. disable Restrictions You must have administrator privilege.
Page 327: Config Ssh User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w s s h a u t h m o d e C o m m a n d : s h o w s s h a u t h m o d e...
Page 328: Show Ssh User Authmode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To update user “test” authmode: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s s h u s e r t e s t p u b l i c k e y C o m m a n d : c o n f i g s s h u s e r t e s t p u b l i c k e y S u c c e s s .
Page 329: Config Ssh Server
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 38-7 config ssh server Purpose Used to configure the SSH server. Format config ssh server {maxsession <int 1-8>| contimeout <sec 120-600> | authfail {<int 2-20> | rekey [10min|30min|60min|never] } Description The config ssh server command configures SSH server general information.
Page 330: Disable Ssh
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The enable ssh command enables SSH server services. Parameters None. Restrictions You must have administrator privilege. When enabling SSH, Telnet is disabled. Examples D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e s s h C o m m a n d : e n a b l e s s h S u c c e s s .
Page 331: Show Ssh Server
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 38-10 show ssh server Purpose Used to show SSH server. Format show ssh server Description The show ssh server command show SSH server general information. Parameters None. Restrictions None. Examples To show SSH server:...
Page 332: Ip-Mac-Port Binding (Impb) Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 39 IP-MAC-Port Binding (IMPB) Command List create address_binding ip_mac ipaddress <ipaddr> mac_address <macaddr> {ports[ <portlist>| all ] | mode[ arp| acl]} config address_binding ip_mac ports [<portlist> | all] {state[enable| disable] |allow_zeroip [enable| disable]} config address_binding ip_mac ipaddress <ipaddr>...
Page 333: Config Address_Binding Ip_Mac Ports
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual defaults to ARP mode. If the system is in ARP mode, the ARP mode entries and ACL mode entries will be effective. If the system is in ACL mode, only the ACL mode entries will be active;...
Page 334: Delete Address_Binding Address
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual This feature is for the DHCP packet which the source IP allow_zeroip address is zero. enable:The DHCP packet which the source IP is zero can be forwarded. disable:Process according normal logic.
Page 335: Config Address_Binding Address
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To delete an address binding entry : D G S - 3 2 0 0 - 1 0 : 4 #delete address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11 Command: create address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11...
Page 336: Show Address_Binding
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To config an address binding entry : D G S - 3 2 0 0 - 1 0 : 4 #config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11 Command: config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11...
Page 337: Enable Address_Binding Acl_Mode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4#show address_binding ip_mac Command: show address_binding ip_mac ACL_mode : Disabled Trap/Log : Disabled Enabled Ports: Enabled Allow Zero IP Ports:...
Page 338: Disable Address_Binding Acl_Mode
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual If the ACL pool is full before creating all the address binding entries, then the address binding module can not create access entries. The switch will show an error message and the switch will set up these address binding entries as inactive.
Page 339: Enable Address_Binding Trap_Log
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To disable an address binding ACL mode : D G S - 3 2 0 0 - 1 0 : 4 #disable address_binding acl_mode Command: disable address_binding acl_mode Success. D G S - 3 2 0 0 - 1 0 : 4 #...
Page 340: Disable Address_Binding Trap_Log
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 39-9 disable address_binding trap_log Purpose Used to disable the address binding trap/log. Format disable address_binding trap_log. Description User use this command to disable address binding trap log. Parameters None. Restrictions You must have administrator privileges.
Page 341: Web-Based Access Control Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 40 Web-based Access Control Command List enable wac disable wac config wac { vlan <vlan_name 32> | ports [<portlist> | all] | state [enable | disable] | method [local | radius] | | default_redirpath <string 128> | logout_timer [infinite |<min 1-1440>] } create wac user <username 15>...
Page 342: Disable Wac
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 40-2 disable wac Purpose Used to disable the Web-based Access Control function. Format disable wac Description The disable wac command will disable the WAC function. Parameters None. Restrictions You must have administrator privileges.
Page 343 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual The authentication VLAN name. vlan The URL that the client will be redirected to after successful default_redirpath authentication. Initially, the redirected path is empty string. It must be specified by the user before the function can be enabled.
Page 344: Create Wac User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 40-4 create wac user Purpose Used to create a user account for Web-based Access Control. Format create wac user <username 15> vlan <vlan_name 32> Description The create wac command allows you to create an account for Web-based Access Control.
Page 345: Config Wac User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The delete wac command allows you to delete a account. Parameters Parameters Description User account for Web-based Access Control. username Restrictions None. Example To delete a WAC account: D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e w a c u s e r 1 2 3 C o m m a n d : d e l e t e w a c u s e r 1 2 3 S u c c e s s .
Page 346: Show Wac
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example To configure the port state: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g w a c u s e r 1 2 3 v l a n v 1 0 0 C o m m a n d : c o n f i g w a c u s e r 1 2 3 v l a n v 1 0 0 S u c c e s s .
Page 347: Show Wac User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual To show WAC ports: D G S - 3 2 0 0 - 1 0 : 4 # s h o w w a c p o r t s 1 - 8...
Page 348: Clear Wac Auth_State
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w w a c u s e r C o m m a n d : s h o w w a c u s e r...
Page 349: Mac-Based Access Control Command Lists
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41 MAC-based Access Control Command Lists enable mac_based_access_control disable mac_based_access_control config mac_based_access_control {ports [<portlist> | all] state [enable | disable]|method[local | radius] | password < passwd 16>| guest_vlan ports <portlist>} create mac_based_access_control guest_vlan < vlan_name 32>...
Page 350: Disable Mac_Based_Access_Control
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41-2 disable mac_based_access_control Purpose Used to disable MAC-Based Access Control. Format disable mac_based_access_control Description The disable mac_based_access_control command will disable the MAC-Based Access Control function. Parameters None. Restrictions You must have administrator privileges.
Page 351 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description A range of ports to enable or disable the ports mac_based_access_control function. Specify specific port state. state Specify which authenticated method. method In RADIUS mode, the switch communicate with a RADIUS server password uses the password.
Page 352: Config Mac_Based_Access_Control Guest_Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g m a c b a s e d _ a c c e s s _ c o n t r o l p a s s w o r d d e f a u l t...
Page 353: Delete Mac_Based_Access_Control Guest_Vlan
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41-5 delete mac_based_access_control guest_vlan Purpose To delete MAC-based Access Control guest VLANs. Format delete mac_based_access_control guest_vlan Description This command deletes guest VLANs from the switch. Parameters None. Restrictions You must have administrator privileges.
Page 354: Config Mac_Based_Access_Control_Local
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example To create a local database entry: D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e m a c...
Page 355: Delete Mac_Based_Access_Control_Local
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41-8 delete mac_based_access_control_local Purpose Used to delete the local database entry. Format delete mac_based_access_control_local [mac <macaddr> | vlan <vlan_name 32>] Description User use this command to delete a database entry. Parameters...
Page 356: Show Mac_Based_Access_Control Auth_Mac
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41-9 show mac_based_access_control auth_mac Purpose Used to display MAC-based Access Control authentication MACs. Format show mac_based_access_control auth_mac {ports <portlist>} Description User use this command to display mac_based_access_control authentication MACs on some ports or all ports.
Page 357: Show Mac_Based_Access_Control
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 41-10 show mac_based_access_control Purpose Used to display MAC-based Access Control settings. Format show mac_based_access_control {port [<portlist> | all]} Description Use this command to display MAC-based Access Control settings. Parameters Parameters Description...
Page 358: Show Mac_Based_Access_Control_Local
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w m a c b a s e d _ a c c e s s _ c o n t r o l p o r t 1 - 9...
Page 359 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w m a c b a s e d _ a c c e s s _ c o n t r o l _ l o c a l...
Page 360: Jwac Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 42 JWAC Command List enable jwac disable jwac enable jwac redirect disable jwac redirect enable jwac forcible_logout disable jwac forcible_logout enable jwac udp_filtering disable jwac udp_filtering enable jwac quarantine_server_monitor disable jwac quarantine_server_monitor config jwac quarantine_server_error_timeout config jwac redirect {destination [quarantine_server | jwac_login_page] | delay_time <sec 0-10>}(1)
Page 361: Enable/Disable Jwac Redirect
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual disable jwac Description JWAC and WAC are mutually exclusive functions. That is, they can not be enabled at the same time. Using the JWAC function, PC users need to pass two stages of authentication. The first stage is to do the authentication with the quarantine server and the second stage is the authentication with the switch.
Page 362: Enable/Disable Jwac Forcible_Logout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions When enable redirect to quarantine server is in effect, a quarantine server must be configured first. You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e j w a c r e d i r e c t C o m m a n d : e n a b l e j w a c r e d i r e c t S u c c e s s .
Page 363: Enable/Disable Jwac Udp_Filtering
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e j w a c f o r c i b l e _ l o g o u t C o m m a n d : e n a b l e j w a c f o r c i b l e _ l o g o u t S u c c e s s .
Page 364: Config Jwac Quarantine_Server_Error_Timeout
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description When the JWAC Quarantine Server monitor is enabled, the JWAC Switch will monitor the Quarantine Server to ensure the server is okay. If the Switch detects no Quarantine Server, it will redirect all unauthenticated HTTP accesses to the JWAC Login Page forcibly if the redirect is enabled and the redirect destination is configured to be Quarantine Server.
Page 365: Config Jwac Redirect
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example config jwac quarantine_server_error_timeout 60 D G S - 3 2 0 0 - 1 0 : 4 # config jwac quarantine_server_error_timeout 60 C o m m a n d : S u c c e s s .
Page 366: Config Jwac Virtual_Ip
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 42-8 config jwac virtual_ip Purpose Used to configure JWAC virtual IP addresses used to accept authentication requests from an unauthenticated host. Format config jwac virtual_ip <ipaddr> Description The virtual IP of JWAC is used to accept authentication request from unauthenticated host. Only requests sent to this IP will get response correctly.
Page 367: Config Jwac Clear_Quarantine_Server_Url
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Quarantine Server reaches the JWAC Switch, the Switch will handle this HTTP packet and send back a message to the host ot make it access the Quarantine Server with the configured URL. When the PC...
Page 368: Config Jwac Update_Server
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example D G S - 3 2 0 0 - 1 0 : 4 # config jwac clear_quarantine_server_url C o m m a n d : config jwac clear_quarantine_server_url S u c c e s s .
Page 369: Config Jwac Switch_Http_Port
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g j w a c o t h e r _ s e r v e r a d d i p a d d r e s s 1 0 . 9 0 . 9 0 . 1 0 9 / 2 4 C o m m a n d : c o n f i g j w a c o t h e r _ s e r v e r a d d i p a d d r e s s 1 0 .
Page 370: Config Jwac Port
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # 42-13 config jwac port Purpose Used to configure the port state of JWAC. Format config jwac port [<portlist> | all] {state [enable | disable] | max_authenticating_host <value 0-10> | aging_time [infinite | <min 1-1440>] | idle_time [infinite | <min 1-1440>] | block_time [<sec 0-300>]}...
Page 371: Config Jwac Radius_Protocol
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 42-14 config jwac radius_protocol Purpose Used to configure the RADIUS protocol used by JWAC. Format config jwac radius_protocol [local | pap | chap | ms_chap | ms_chapv2 | eap_md5] Description The config jwac radius_protocol command allows you to specify the RADIUS protocol used by JWAC to complete RADIUS authentication.
Page 372: Delete Jwac User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format create jwac user <username 15> {vlan <vlanid 1-4094>} config jwac user <username 15> {vlan <vlanid 1-4094>} Description The create jwac user command creates JWAC users in the local DB. When “local” is chosen while configuring the JWAC RADIUS protocol, the local DB will be used.
Page 373: Show Jwac User
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Example D G S - 3 2 0 0 - 1 0 : 4 # d e l e t e j w a c u s e r 1 1 2 2 3 3 C o m m a n d : d e l e t e j w a c u s e r 1 1 2 2 3 3 S u c c e s s .
Page 374: Delete Jwac Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 42-18 delete jwac host Purpose Used to delete the host on JWAC enabled ports. Format delete jwac host [ports [all | <portlist>] {authenticated | authenticating | blocked} | <macaddr>] Description The delete jwac host command allows you to delete a JWAC host.
Page 375: Show Jwac Host
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters None. Restrictions None. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w j w a c C o m m a n d : s h o w j w a c...
Page 376: Show Jwac Port
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description A port range to show the information of client host port Only to show authenticated client hosts authenticated Only to show client hosts being in authenticating process authenticating...
Page 377 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Shows all the ports configured for JWAC. Specifies a port range to show the configuration of JWAC. <portlist> Restrictions None. Example D G S - 3 2 0 0 - 1 0 : 4 # s h o w j w a c p o r t 1 - 4...
Page 378: Qos
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual IX. QoS The QoS section includes the following chapter: QoS.
Page 379: O S Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 43 QoS Command List config bandwidth_control <portlist>{rx_rate [ no_limit | <value 512-1024000>] | tx_rate [ no_limit | <value 512-1024000>]} show bandwidth_control {<portlist>} config scheduling <class_id 0-7> max_packet<value 0-255> config scheduling_mechanism [strict(1) | weight_fair(2)]...
Page 380 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual no_limit - Indicates there is no limit on port rx bandwidth. An integer value from 64 to 1024000 sets a maximum limit in Kbits/sec. The specified bandwidth limit may be equaled but not exceeded.
Page 381: Show Bandwidth_Control
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Response messages (1). “Success.” When users input a value that is a multiple of 64 and the setting is successful. (2). "Fail ! Trunk member port %-p can not be configured because the master is not contained in the portlist" .
Page 382: Config Scheduling
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # s h o w b a n d w i d t h _ c o n t r o l...
Page 383: Config Scheduling_Mechanism
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Description This specifies which of the n+1 hardware priority queues the class_id config scheduling command will apply to. The four hardware priority queues are identified by number − from 0 to n − with the 0 queue being the lowest priority.
Page 384: Show Scheduling
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. Examples To configure the traffic scheduling mechanism for each COS queue: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g s c h e d u l i n g _ m e c h a n i s m s t r i c t C o m m a n d : c o n f i g s c h e d u l i n g _ m e c h a n i s m s t r i c t S u c c e s s .
Page 385: Show Scheduling_Mechanism
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual C l a s s - 4 C l a s s - 5 C l a s s - 6 C l a s s - 7 D G S - 3 2 0 0 - 1 0 : 4 #...
Page 386: Config 802.1P User_Priority
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 43-7 config 802.1p user_priority Purpose Used to map the 802.1p user priority of an incoming packet to one of the four hardware queues available on the switch. Format config 802.1p user_priority <priority 0-7> <class_id 0-7>...
Page 387: Show 802.1P User_Priority
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 43-8 show 802.1p user_priority Purpose Used to display 802.1p user priority. Format show 802.1p user_priority Description The show 802.1p user_priority command displays 802.1p user priority. Parameters None. Restrictions None. Examples To display the traffic scheduling mechanism for each COS queue: D G S - 3 2 0 0 - 1 0 : 4 # s h o w 8 0 2 .
Page 388: Show 802.1P Default_Priority
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config 802.1p default_priority [ <portlist> | all ] <priority 0-7> Description The config 802.1p default_priority command allows you to specify default priority handling of untagged packets received by the switch. The priority value entered with this command will be used to determine which of the four hardware priority queues the packet is forwarded to.
Page 389 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show 802.1p default_priority command displays the current default priority settings on the switch. Parameters Parameters Description Specified a range of ports to be displayed. portlist If no parameter is specified, the system will display all ports with 802.1p default_priority.
Page 390: Ip Addressing Service
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual X. IP Addressing Service The IP Addressing Service section includes the following chapter: DHCP Relay.
Page 391: Dhcp Relay Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 44 DHCP Relay Command List config dhcp_relay { hops <value 1-16> | time <sec 0-65535>} config dhcp _relay [add|delete] ipif <ipif_name 12> <ipaddr> config dhcp_relay option_82 { state [enable|disable] | check [enable|disable] | policy...
Page 392: Config Dhcp_Relay Add
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g d h c p _ r e l a y h o p s 4 t i m e 2 C o m m a n d : c o n f i g d h c p _ r e l a y h o p s 4 t i m e 2 S u c c e s s .
Page 393: Config Dhcp_Relay Option_82
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config dhcp_relay delete ipif <ipif_name 12> <ipaddr> Description The config dhcp_relay delete command is used to delete one or all of the IP destination addresses in the swith’s relay table.
Page 394 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 1. Suboption type 2. Length 3. Circuit ID type 4. Length 5. VLAN : The incoming VLAN ID of DHCP client packet. 6 . Module : For a standalone switch, Module is always 0.
Page 395: Enable Dhcp_Relay
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To configure the DHCP relay option 82: D G S - 3 2 0 0 - 1 0 : 4 # c o n f i g d h c p _ r e l a y o p t i o n _ 8 2 s t a t e e n a b l e C o m m a n d : c o n f i g d h c p _ r e l a y o p t i o n _ 8 2 s t a t e e n a b l e S u c c e s s .
Page 396: Disable Dhcp_Relay
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # e n a b l e d h c p _ r e l a y C o m m a n d : e n a b l e d h c p _ r e l a y S u c c e s s .
Page 397 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show dhcp_relay command displays the current DHCP relay configuration. Parameters Parameters Description The IP interface name. ipif_name If no parameter is specified , the system will display all DHCP relay configurations.
Page 398: Ipv6
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual XI. IPv6 The IPv6 section includes the following chapter: IPv6 NDP.
Page 399: Ipv6 Ndp Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 45 IPv6 NDP Command List create ipv6 neighbor_cache ipif <ipif_name 12> <ipv6addr> <macaddr> delete ipv6 neighbor_cache ipif [<ipif_name 12>|all] [<ipv6addr> | static| dynamic| all ] show ipv6 neighbor_cache ipif [<ipif_name 12>|all] [ ipv6address <ipv6addr> | static|dynamic|all ] config ipv6 nd ns ipif <ipif_name 12>...
Page 400: Delete Ipv6 Neighbor_Cache
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To create a static neighbor cache entry. DGS-3200-10:4#create ipv6 neighbor_cache ipif System 3ffc::1 00:01:02:03:04:05 Command: create ipv6 neighbor_cache ipif System 3FFC::1 00-01-02-03-04-05 Success. DGS-3200-10:4# 45-2 delete ipv6 neighbor_cache Purpose To delete an IPv6 neighbor from the interface neighbor address cache.
Page 401: Show Ipv6 Neighbor_Cache
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual DGS-3200-10:4#delete ipv6 neighbor_cache ipif System 3ffc::1 Command: delete ipv6 neighbor_cache ipif System 3FFC::1 Success. DGS-3200-10:4# 45-3 show ipv6 neighbor_cache Purpose To show an IPv6 neighbor cache. Format show ipv6 neighbor_cache ipif [<ipif_name 12>|all] [ ipv6address <ipv6addr> | static|dynamic|all ] Description To display the neighbor cache entry for the specified interface.
Page 402: Config Ipv6 Nd Ns
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual DGS-3200-10:4#show ipv6 neighbor_cache ipif System all Command: show ipv6 neighbor_cache ipif System all Neighbor Link Layer Address Interface State -------------------------------------- ------------------ ------------ ----- FE80::20B:6AFF:FECF:7EC6 00-0B-6A-CF-7E-C6 System Total Entries: 1 State: (I) means Incomplete state. (R) means Reachable state.
Page 403: Config Ipv6 Nd Rs
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have the administrator privilege. Examples DGS-3200-10:4#config ipv6 nd ns ipif System retrans_time 400 Command: config ipv6 nd ns ipif System retrans_time 400 Success. DGS-3200-10:4# 45-5 config ipv6 nd rs Purpose To configure router solicitation related arguments.
Page 404 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format config ipv6 nd ra ipif <ipif_name 12> state [enable|disable] | life_time <value 0-9000> | reachable_time <value 0-3600000> | retrans_time < value 0-4294967295> | hop_limit <value 0-255> | managed_flag [enable|disable] | other_config_flag [enable | disable] | min_rtr_adv_interval < value 3-1350>...
Page 405: Config Ipv6 Nd Ra Prefix_Option
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual seconds and no greater than .75 * MaxRtrAdvInterval. Default: 0.33 * MaxRtrAdvInterval The maximum time allowed between sending max_rtr_adv_interval unsolicited multicast Router Advertisements from the interface, in seconds. MUST be no less than 4 seconds and no greater than 1800 seconds.
Page 406: Show Ipv6 Nd
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual When set to 1, the address implied by the specified on_link_flag prefix are available on the link where the RA message is received. When set to 1, then the specified prefix will be used to autonomous_flag create an autonomous address configuration.
Page 407 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Examples To display interface’s information. DGS-3200-10:4#show ipv6 nd ipif System Command: show ipv6 nd ipif System Interface Name : System Hop Limit : 64 NS Retransmit Time : 0 (ms) Router Advertisement...
Page 408: Acl
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual XII. ACL The ACL section includes the following chapter: ACL.
Page 409: Acl Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 46 ACL Command List create access_profile profile_id <value 1-200> [ ethernet { vlan | source_mac <macmask 000000000000-ffffffffffff> | destination_mac <macmask 000000000000-ffffffffffff> | 802.1p | ethernet_type }" | ip { vlan source_ip_mask <netmask> | destination_ip_mask <netmask> | dscp | [icmp {type | code } | igmp {type } | tcp {src_port_mask <hex 0x0-0xffff>...
Page 410 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual udp {src_port(<value 0-65535> | dst_port <value 0-65535>} | protocol_id <value 0 - 255> {user_define<hex 0x0-0xffffffff>}]} | packet_content_mask offset_chunk_1 <hex 0x0-0xffffffff> offset_chunk_2 <hex 0x0-0xffffffff> offset_chunk_3 <hex 0x0-0xffffffff> offset_chunk_4 <hex 0x0-0xffffffff> } | ipv6 { class <value 0-255> | flowlabel <hex 0x0-0xfffff> | source_ipv6 <ipv6addr>...
Page 411 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 0x0-0xffffffff>} | ipv6 {class | flowlabel| source_ipv6_mask <ipv6mask> | destination_ipv6_mask <ipv6mask>} ] create cpu access_profile [ ethernet { vlan | source_mac <macmask 000000000000-ffffffffffff> | destination_mac <macmask 000000000000-ffffffffffff> | 802.1p | ethernet_type} | ip { vlan | source_ip_mask <netmask>...
Page 412: Create Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual tcp{src_port <value 0-65535> | dst_port <value 0-65535> | urg | ack | psh | rst | syn | fin } | udp {src_port <value 0-65535> | dst_port <value 0-65535>} | protocol_id <value 0 - 255> {user_define <hex 0x0-0xffffffff>} ] } | packet_content {offset_0-15 <hex 0x0-0xffffffff>...
Page 413 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual flag_mask [ al | {urg | ack | psh| rst| syn | fin}] } | udp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex 0x0-0xffffffff>}]} | packet_content_mask {offset_chunk_1 <value 0-31>...
Page 414 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual user_define_mask Specifies the L4 part mask. packet_content_mask Specifies the frame content mask. There are a maximum of five offsets that can be configured. Each offset presents 16 bytes, the range of mask of frame is 80 bytes (5 offsets) in the first eighty bytes of frame.
Page 415: Delete Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual D G S - 3 2 0 0 - 1 0 : 4 # D G S - 3 2 0 0 - 1 0 : 4 # c r e a t e a c c e s s _ p r o f i l e p r o f i l e _ i d 1 0 1 i p v l a n s o u r c e _ i p _ m a s k 2 5 5 . 2 5 5 .
Page 416: Config Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 46-3 config access_profile Purpose Used to configure access list entry. Format config access_profile profile_id <value 1-200> [ add access_id [ auto_assign | <value 1-200> ] [ ethernet {vlan <vlan_name 32> | source_mac <macaddr 000000000000-ffffffffffff> | destination_mac <macaddr 000000000000-ffffffffffff>...
Page 417 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Parameters Parameters Description Specifies the index of the access list profile. profile_id Specifies the index of the access list entry. The range of this value is 1 to 200. access_id Specifies a VLAN name.
Page 418: Show Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Specifies IPv6 flow label value. flowlabel Specifies IPv6 source IP value. source_ipv6 Specifies IPv6 destionation IP value. destination_ip Specifies the packets that match the access profile are permit by the switch.
Page 419 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The show access_profile command displays current access list table. Parameters Parameters Description Specifies the index of the access list profile. profile_id Restrictions None. Example To display the current access list table:...
Page 420: Config Time_Range
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5 2 5 5 . 2 5 5 . 2 5 5 . 0 - - - - - - - - - - -...
Page 421: Show Time_Range
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Deletes a time range profile. When a time range profile has delete been associated with ACL entries, the deletion of this time range profile will fail. Restrictions You must have administrator privileges.
Page 422: Create Cpu Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual DGS-3200-10:4#show time_range Command: show time_range Time Range Information ------------------------- Range Name : testdaily Weekdays : Mon,Fri Start Time : 12:00:00 End Time : 13:00:00 Total Entries :1 DGS-3200-10:4# 46-7 create cpu access_profile Purpose Used to create CPU access list rules.
Page 423 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Description The create cpu access_profile command creates CPU access list rules. Parameters Parameters Description Specifies a VLAN mask. vlan Specifies the source MAC mask. source_mac Specifies the destination MAC mask. destination_mac Specifies 802.1p priority tag mask.
Page 424: Delete Cpu Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual destination_ipv6_mask Specifies the IPv6 destination IP mask. Restrictions You must have administrator privileges. The Switch supports a maximum of five CPU profiles to be configured. Example To create CPU access list rules:...
Page 425: Config Cpu Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions You must have administrator privileges. The Switch supports a maximum of 500 access entries. The delete cpu access_profile command can only delete the profile which is created by the CPU ACL module.
Page 426 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>| offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> } | ipv6 {class <value 0-255> | flowlabel <hex 0x0-0xfffff>| source_ipv6 <ipv6addr> | destination_ipv6 <ipv6addr>} ] port [<portlist>...
Page 427: Show Cpu Access_Profile
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Specifies that the rule applies to the value of IP protocol ID protocod_id traffic. user_define Specifies the L4 part value. Specifies value for packet bytes 0-15. packet_conten offset_0-15 offset_16-31 Specifies value for packet bytes 16-31.
Page 428 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Format show cpu access_profile {profile_id <value 1-5>} Description The show cpu access_profile command displays current CPU access list table. Parameters Parameters Description Specifies the index of an access list profile. profile_id Restrictions None.
Page 429: Enable Cpu_Interface_Filtering
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual A c c e s s P r o f i l e I D : 2 T y p e : I P = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =...
Page 430: Disable Cpu_Interface_Filtering
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 46-12 disable cpu_interface_filtering Purpose Used to disable CPU interface filtering. Format disable cpu_interface_filtering Description The disable cpu_interface_filtering command disables CPU interface filtering. Parameters None. Restrictions None. Example To disable CPU interface filtering:...
Page 431: Packet Control
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual XIII. Packet Control The Packet Control section includes the following chapter: Packet Storm.
Page 432: Packet Storm Command List
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual 47 Packet Storm Command List config traffic control [<portlist> | all ] { broadcast [enable| disable]| multicast [enable| disable] | unicast [enable | disable] | action [drop | shutdown] | threshold <value 512-1024000>| countdown [<value 0> | value 5-30>] | time_interval <value 5-30 >...
Page 433: Config Traffic Trap
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual countdown, and time_interval as well. The upper threshold at which the specified storm control will turn on. threshold The <value 512-1024000>is the number of broadcast/multicast packets per second received by the switch that will trigger the storm traffic control measure.
Page 434: Show Traffic Control
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual storm events are detected by a SW traffic storm control mechanism. Note: A traffic control trap is active only when the control action is configured as “shutdown”. If the control action is “drop” there will no traps issue while storm event is detected.
Page 435 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Restrictions None. Examples To display the packet storm control setting: D G S - 3 2 0 0 - 1 0 : 4 # s h o w t r a f f i c c o n t r o l...
Page 436: Appendix - Mitigating Arp Spoofing Attacks Using Packet Content Acl
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Appendix - Mitigating ARP Spoofing Attacks Using Packet Content ACL How Address Resolution Protocol works In the process of ARP, PC A will first issue an ARP request to query PC B’s MAC address. The network structure is shown in Figure-1.
Page 437 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Port1 00-20-5C-01-11-11 In addition, when the switch receives the broadcasted ARP request, it will flood the frame to all ports except the source port, port 1 (see Figure-2). Figure-2 Who is 10.10.10.2? When the switch floods the frame of ARP request to the network, all PCs will receive and examine the frame but only PC B will reply the query as the destination IP matched (see Figure-3).
Page 438 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Table-3 (ARP Payload) Protocol Protocol Operation Sender Sender Target Target type type address address H/W address protocol H/W address protocol length length address address ARP reply 00-20-5C-01-11-11 10.10.10.1 00-20-5C-01-22-22 10.10.10.2 When PC B replies to the query, the “Destination Address” in the Ethernet frame will be changed to PC A’s MAC address.
Page 439: How Arp Spoofing Attacks A Network
DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual How ARP Spoofing Attacks a Network ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN, modify the traffic, or stop the traffic altogether (known as a Denial of Service – DoS attack).
Page 440: Prevent Arp Spoofing Via Packet Content Acl
Figure-5 Prevent ARP Spoofing via Packet Content ACL D-Link managed switches can effectively mitigate common DoS attacks caused by ARP spoofing via a unique Package Content ACL. For the reason that basic ACL can only filter ARP packets based on packet type, VLAN ID, Source, and Destination MAC information, there is a need for further inspections of ARP packets.
Page 441 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Example topology Configuration The configuration logic is as follows: 1. Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender IP address in ARP protocol can pass through the switch. (In this example, it is gateway’s ARP.) 2.
Page 442 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Table-6: Chunk and packet offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Chunk Chunk0 Chunk1 Chunk2 Chunk3 Chunk4 Chunk5 Chunk6 Chunk7...
Page 443 DGS-3200 Series Layer 2 Gigabit Managed Switch CLI Manual Command Description Create access profile 1 – create access_profile profile_id 1 ethernet source_mac Step1 To match Ethernet Type Source MAC FF-FF-FF-FF-FF-FF ethernet_type address. config access_profile profile_id 1 add access_id 1 Configure access profile 1 –...

D-Link DGS-3200 SERIES Cli Manual

Introduction

1 Using Command Line Interface

Interface and Hardware

2 Switch Port Command List

Fundamentals

3 Basic Management Command List

4 Utility Command List

Network Management

5 Snmpv1/V2 Command List

6 Snmpv3 Command List

7 Network Management Command List

8 Network Monitoring Command List

9 System Severity Command List

10 Command List History Command List

11 Modify Banner and Prompt Command List

12 Time and Sntp Command List

13 Jumbo Frame Command List

14 Single Ip Management Command List

15 Safeguard Engine Command List

Layer 2

16 Mstp Command List

17 Fdb Command List

18 Mac Notification Command List

19 Mirror Command List

20 Vlan Command List

21 Protocol Vlan Command List

22 Link Aggregation Command List

23 Lacp Configuration Command List

24 Traffic Segmentation Command List

25 Port Security Command List

26 Static MAC-Based VLAN Command List

27 Basic Ip Command List

28 Auto Config Command List

29 Routing Table Command List

30 Arp Command List

31 Loopback Detection Command List

Multicast

32 Igmp Snooping Command List

33 Mld Snooping Command List

34 Limited Multicast Ip Address Command List

Security

802.1X Command List

36 Access Authentication Control Command List

37 SSL Command List

38 Ssh Command List

39 Ip-Mac-Port Binding (Impb) Command List

40 Web-Based Access Control Command List

41 MAC-Based Access Control Command Lists

42 Jwac Command List

Quick Links

Related Manuals for D-Link DGS-3200 SERIES

Summary of Contents for D-Link DGS-3200 SERIES